Configure NetScaler Gateway
After you configure the base network settings on NetScaler Gateway, you then configure the detailed settings so users can connect to network resources in the secure network. These settings include:
- Virtual servers. You can configure multiple virtual servers on NetScaler Gateway, which allows you to create different policies depending on the user scenario you must implement. Each virtual server has its own IP address, certificate, and policy set. For example, you can configure a virtual server and restrict users to network resources in the internal network depending on their membership in groups and the policies you bind to the virtual servers. You can create virtual servers by using the following methods:
- Quick Configuration wizard
- NetScaler Gateway wizard
- Configuration utility
- High availability. You can configure high availability when you deploy two NetScaler Gateway appliances in your network. If the primary appliances fail, the secondary appliance can take over without affecting user sessions.
- Certificates. You can use certificates to secure user connections to NetScaler Gateway. When you create a Certificate Signing Request (CSR), you add the fully qualified domain name to the certificate. You can bind certificates to virtual servers.
- Authentication. NetScaler Gateway supports several authentication types, including Local LDAP, RADIUS, SAML, client certificates, and TACACS+. In addition, you can configure cascading and two-factor authentication. Note: If you use RSA, Safeword, or Gemalto Protiva for authentication, you configure these types by using RADIUS.
- User connections. You can configure user connections by using session profiles. Within the profile, you can determine the plug-ins users can log on with, along with any restrictions users might require. Then, you can create a policy with one profile. You can bind session policies to users, groups, and virtual servers.
- Home page. You can use the default Access Interface as your home page, or you can create a custom home page. The home page appears after users successfully log on to NetScaler Gateway.
- Endpoint analysis. You can configure policies on NetScaler Gateway that check the user device for software, files, registry entries, processes, and operating systems when users log on. Endpoint analysis allows you to increase the security of your network by requiring the user device to have the required software.
Using the configuration utility
The configuration utility allows you to configure most of the NetScaler Gateway settings. You use a web browser to access the configuration utility.
Log on to the configuration utility
- In a web browser, type the system IP address of NetScaler Gateway, such as
http://192.168.100.1
. Note: NetScaler Gateway is preconfigured with a default IP address of 192.168.100.1 and subnet mask of 255.255.0.0. - In User Name and Password, type
nsroot.
- In Deployment Type, select NetScaler Gateway and then click Login.
When you log on to the configuration utility for the first time, the Dashboard opens by default on the Home tab. On the Home tab, you can use the Quick Configuration wizard to configure the settings for a virtual server, authentication, certificates, and Citrix Endpoint Management. You can also configure either StoreFront or Web Interface settings in the Quick Configuration wizard.
For more information about configuring NetScaler Gateway, see: