-
How User Connections Work with the Citrix Gateway plug-in
-
Establishing the Secure Tunnel
-
-
Selecting the Citrix Gateway plug-in for Users
-
AlwaysOn VPN before Windows logon (Formally AlwaysOn service)
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Establishing the Secure Tunnel
When users connect with the Citrix Gateway plug-in, Secure Hub, or Citrix Receiver, the client software establishes a secure tunnel over port 443 (or any configured port on Citrix Gateway) and sends authentication information. When the tunnel is established, Citrix Gateway sends configuration information to the Citrix Gateway plug-in, Secure Hub, or Receiver describing the networks to be secured and containing an IP address if you enable address pools.
Tunneling Private Network Traffic over Secure Connections
When the Citrix Gateway plug-in starts and the user is authenticated, all network traffic destined for specified private networks is captured and redirected over the secure tunnel to Citrix Gateway. Receiver must support the Citrix Gateway plug-in to establish the connection through the secure tunnel when users log on.
Secure Hub, Secure Mail, and WorxWeb use Micro VPN to establish the secure tunnel for iOS and Android mobile devices.
Citrix Gateway intercepts all network connections that the user device makes and multiplexes them over Secure Sockets Layer (SSL) to Citrix Gateway, where the traffic is demultiplexed and the connections are forwarded to the correct host and port combination.
The connections are subject to administrative security policies that apply to a single application, a subset of applications, or an entire intranet. You specify the resources (ranges of IP address/subnet pairs) that remote users can access through the VPN connection.
The Citrix Gateway plug-in intercepts and tunnels the following protocols for the defined intranet applications:
- TCP (all ports)
- UDP (all ports)
- ICMP (types 8 and 0 - echo request/reply)
Connections from local applications on the user device are securely tunneled to Citrix Gateway, which reestablishes the connections to the target server. Target servers view connections as originating from the local Citrix Gateway on the private network, thus hiding the user device. This is also called reverse Network Address Translation (NAT). Hiding IP addresses adds security to source locations.
Locally, on the user device, all connection-related traffic, such as SYN-ACK, PUSH, ACK, and FIN packets, is recreated by the Citrix Gateway plug-in to appear from the private server.
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.