-
Install and configure the Citrix Gateway appliance
-
Deploy Citrix Gateway in a double-hop DMZ
-
Maintain and monitor Citrix Gateway systems
-
Unified Gateway
-
VPN configuration on a Citrix Gateway appliance
-
Integrate the Citrix Gateway plug-in with Citrix Workspace app
-
Configure DTLS VPN virtual server using SSL VPN virtual server
-
Integrate Citrix Gateway with Citrix products
-
Integrate Citrix Gateway with Citrix Virtual Apps and Desktops
-
Configure settings for your Citrix Endpoint Management Environment
-
Configure load balancing servers for Citrix Endpoint Management
-
Configure load balancing servers for Microsoft Exchange with Email Security Filtering
-
Configure Citrix Endpoint Management NetScaler Connector (XNC) ActiveSync Filtering
-
Allow Access from mobile devices with Citrix Mobile Productivity Apps
-
Configure domain and security token authentication for Citrix Endpoint Management
-
Configure client certificate or client certificate and domain authentication
-
-
Citrix Gateway Enabled PCoIP Proxy Support for VMware Horizon View
-
Proxy Auto Configuration for Outbound Proxy support for Citrix Gateway
-
Access Citrix Virtual Apps and Desktops resources with the Web Interface
-
Configuring Additional Web Interface Settings on Citrix Gateway
-
Configuring Access to Applications and Virtual Desktops in the Web Interface
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Unified Gateway
Citrix ADC with Unified Gateway: One URL
Citrix ADC with Unified Gateway enables simplified secure access to any application through a single URL for desktop and mobile users. Behind this single URL, administrators have a single point for configuration, security, and control of remote access to applications. And remote users have an improved experience with seamless single sign-on to all the applications they need along with login/logout once ease of use.
To accomplish this, Citrix ADC with Gateway, along with Citrix ADC’s Content Switching capacities and extensive authentication infrastructure, provides access to organizational sites and apps through this single URL. Also, remote users can use iOS or Android mobile devices and Linux, PC, or Mac systems with the Citrix Gateway client plug-ins for uniform access to the Unified Gateway URL, wherever they might be.
A Unified Gateway deployment allows single URL access to the following categories of applications:
- Intranet applications.
- Clientless applications
- Software as a Service application
- Preconfigured applications served by Citrix ADC
- Citrix Virtual Apps and Desktops published applications
Intranet applications might be any web-based application that resides inside the secure enterprise network. These are internal resources such as an organizational intranet site, a bug tracking application, or a wiki.
Typically also residing inside the secure enterprise network, the clientless applications Unified Gateway provides single URL access to are Outlook Web Access and SharePoint. These applications provide access to Exchange email and team resources without dedicated client software which need to be available to remote users.
SaaS applications, also commonly know as Cloud Apps, are external, cloud-based applications that organizations depend on such as ShareFile, Salesforce, or NetSuite. SAML based single sign-on is supported with those SaaS applications that offer it.
Some organizations might have preconfigured Citrix ADC served applications deployed in a Citrix ADC load balanced configuration. Often times this is also referred as a ‘reverse-proxy’ application. Unified Gateway supports these applications when a virtual server for the deployment resides on the same Citrix ADC Unified Gateway instance or appliance. These applications might have their own authentication configuration which is independent of the Unified Gateway configuration.
Any published Citrix Virtual Apps and Desktops published applications can be made available through a Unified Gateway URL. SmartAccess and SmartControl policies can optionally be applied to granular policy and access control to these resources.
The Unified Gateway Configuration Wizard
The recommended method to configuring a Citrix ADC with Unified Gateway deployment is to use the Unified Gateway configuration wizard. The wizard walks you through configuration and creates all the necessary virtual servers, policies, and expressions, and applies settings based on the details provided. After initial setup, the wizard can be used to manage your deployment and monitor its operation.
Note:
The Unified Gateway configuration wizard does not perform an initial systems configuration. Your Citrix Gateway appliance or VPX instance must have basic installation completed before configuring Unified Gateway. Refer to the installation instructions for Configuring Citrix Gateway with the First-time Setup Wizard to complete basic configuration.
The Unified Gateway elements configured by the wizard are:
- The Unified Gateway primary virtual server
- An SSL Server Certificate for the Unified Gateway virtual server
- A primary and any optional secondary authentication configuration
- A portal theme selection and optional customization
- The user applications that are to be accessed through the Unified Gateway portal
For each of these elements, you need to provide configuration information. For a basic Unified Gateway deployment, the following information is needed.
- For the primary Unified Gateway virtual server, the public IP address and IP port number for the deployment. This is the IP address that resolves in DNS to the Unified Gateway URL’s host name. For example, if your Unified Gateway deployment’s URL is
https://mycompany.com/
, the IP address must resolve to mycompany.com.
- The signed SSL Server Certificate for the deployment. Citrix Gateway supports PEM or PFX formatted certificates.
- Primary authentication server information. The authentication systems supported for this authentication configuration are LDAP/Active Directory, RADIUS, and Certificate based. A secondary LDAP or RADIUS authentication configuration might be created as well. The authentication server IP address must be provided along with any relevant administrator credentials or directory attributes. For Certificate authentication, the device certificate attributes and a CA certificate must be provided.
- A portal theme might be selected. If a customized or branded portal design is desired, custom graphics might be uploaded to the system with the wizard.
- For web-based user applications, the URLs for the individual applications must be specified. For web applications that are to utilize SAML single sign-on authentication, the utility collects the Assertion Consumer Service URL along with other optional SAML parameters. Gather the configuration details in advance for the applications that use a SAML authentication system.
- For Citrix Virtual Apps and Desktops published resources to be made available through the Unified Gateway deployment, you must specify the integration point (StoreFront, the Web Interface, or Web Interface on Citrix ADC). The utility requires the integration point’s fully qualified domain name, the site path, the single sign-on domain, the Secure Ticket Authority (STA) server URL, and others depending on the type of integration point.
Additional Configuration Management
For site specific settings not available in the Unified Gateway configuration utility, such as alternative SSL settings or session policies, you can manage the needed settings in the Citrix Gateway configuration utility. You can modify these settings on the Content Switching or VPN virtual servers once they are created by the Unified Gateway configuration utility.
Content Switching Virtual Server
This is the Citrix ADC configuration entity behind the deployment’s main IP address and URL. The SSL Server Certificates and parameters are managed on this virtual server. As this virtual server is the responding network host for the deployment, the ICMP server response and RHI state can be modified on this virtual server, if necessary. The Content Switching virtual server can be found under the Configuration tab at Traffic Management > Content Switching > Virtual Servers.
Important:
When you upgrade your Unified Gateway environment to release 13.0 build 58.x or later, the DTLS knob is disabled in the content switching virtual server that is configured before the gateway or VPN virtual server. Manually enable the DTLS knob in the content switching virtual server after the upgrade. Do not enable the DTLS knob if you are using the wizard for configuration.
VPN Virtual Server
All other VPN parameters, profiles, and policy bindings for the Unified Gateway configuration are managed on this virtual server, including the main authentication configuration. This entity is managed under the Configuration tab at Citrix Gateway > Virtual Servers. The relevant VPN virtual server’s name includes the name given to the Content Switching virtual server during initial Unified Gateway configuration.
Note:
The VPN virtual servers created for a Unified Gateway deployment are non-addressable and assigned the 0.0.0.0 IP address.
Share
Share
This Preview product documentation is Cloud Software Group Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Cloud Software Group Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Cloud Software Group product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.