NetScaler VPX

Configure multiple IP addresses for a Citrix ADC VPX standalone instance by using PowerShell commands

November 21, 2024

Contributed by:

C C

In an Azure environment, a Citrix ADC VPX virtual appliance can be deployed with multiple NICs. Each NIC can have multiple IP addresses. This section describes how to deploy a Citrix ADC VPX instance with a single NIC and multiple IP addresses, by using PowerShell commands. You can use the same script for multi-NIC and multi-IP deployment.

Note

In this document, IP-Config refers to a pair of IP addresses, public IP and private IP, that is associated with an inidivual NIC. For more information, see the Azure terminology section.

Use case

In this use case, a single NIC is connected to a virtual network (VNET). The NIC is associated with three IP configurations, as shown in the following table.

IPConfig	Assocaited with
IPConfig-1	Static public IP address; static private IP address
IPConfig-2	Static public IP address; static private address
IPConfig-3	Static private IP addres

Note:

IPConfig-3 is not associated with any public IP address.

Diagram: Topology

Here is the visual representation of the use case.

localized image

Note:

In a multi-NIC, multi-IP Azure Citrix ADC VPX deployment, the private IP address associated with the primary (first) IPConfig of the primary (first) NIC is automatically added as the management NSIP address of the appliance. The remaining private IP addresses associated with IPConfigs must be added in the VPX instance as VIPs or SNIPs by using the “add ns ip” command, as determined by your requirements.

Here is the summary of the steps required for configuring multiple IP addresses for a Citrix ADC VPX virtual appliance in standalone mode:

Create Resource Group
Create Storage Account
Create Availability Set
Create NSG
Create Virtual Network
Create Public IP Address
Assign IP Configuration
Create NIC
Create Citrix ADC VPX Instance
Check NIC Configurations
Check VPX-side Configurations

Script

Parameters

Following are sample parameters settings for the use case in this document.

$locName="westcentralus"

$rgName="Azure-MultiIP"

$nicName1="VM1-NIC1"

$vNetName="Azure-MultiIP-vnet"

$vNetAddressRange="11.6.0.0/16"

$frontEndSubnetName="frontEndSubnet"

$frontEndSubnetRange="11.6.1.0/24"

$prmStorageAccountName="multiipstorage"

$avSetName="multiip-avSet"

$vmSize="Standard\_DS4\_V2" (This parameter creates a VM with upto four NICs.)

<!--NeedCopy-->

Note:

The minimum requirement for a VPX instance is 2 vCPUs and 2GB RAM.

$publisher="citrix"

$offer="netscalervpx110-6531" (You can use different offers.)

$sku="netscalerbyol" (According to your offer, the SKU can be different.)

$version="latest"

$pubIPName1="PIP1"

$pubIPName2="PIP2"

$domName1="multiipvpx1"

$domName2="multiipvpx2"

$vmNamePrefix="VPXMultiIP"

$osDiskSuffix="osmultiipalbdiskdb1"

**Network Security Group (NSG)-related information**:

$nsgName="NSG-MultiIP"

$rule1Name="Inbound-HTTP"

$rule2Name="Inbound-HTTPS"

$rule3Name="Inbound-SSH"

$IpConfigName1="IPConfig1"

$IPConfigName2="IPConfig-2"

$IPConfigName3="IPConfig-3"

<!--NeedCopy-->

1. Create Resource Group

New-AzureRmResourceGroup -Name $rgName -Location $locName

2. Create Storage Account

$prmStorageAccount = New-AzureRMStorageAccount -Name $prmStorageAccountName -ResourceGroupName $rgName -Type Standard_LRS -Location $locName

3. Create Availability Set

$avSet = New-AzureRMAvailabilitySet -Name $avSetName -ResourceGroupName $rgName -Location $locName

4. Create Network Security Group (NSG)

1. Add rules. You must add a rule to the NSG for any port that serves traffic.

$rule1=New-AzureRmNetworkSecurityRuleConfig -Name $rule1Name -Description "Allow HTTP" -Access Allow -Protocol Tcp -Direction Inbound -Priority 101  -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 80
$rule2=New-AzureRmNetworkSecurityRuleConfig -Name $rule2Name -Description "Allow HTTPS" -Access Allow -Protocol Tcp -Direction Inbound -Priority 110  -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 443
$rule3=New-AzureRmNetworkSecurityRuleConfig -Name $rule3Name -Description "Allow SSH" -Access Allow -Protocol Tcp -Direction Inbound -Priority 120 -SourceAddressPrefix Internet -SourcePortRange * -DestinationAddressPrefix * -DestinationPortRange 22

2. Create NSG object.

$nsg=New-AzureRmNetworkSecurityGroup -ResourceGroupName $rgName -Location $locName -Name $nsgName -SecurityRules $rule1,$rule2,$rule3

5. Create Virtual Network

1. Add subnets.

$frontendSubnet=New-AzureRmVirtualNetworkSubnetConfig -Name $frontEndSubnetName -AddressPrefix $frontEndSubnetRange

2. Add virtual network object.

$vnet=New-AzureRmVirtualNetwork -Name $vNetName -ResourceGroupName $rgName -Location $locName -AddressPrefix $vNetAddressRange -Subnet $frontendSubnet

3. Retrieve subnets.

$subnetName="frontEndSubnet"
\$subnet1=\$vnet.Subnets|?{\$\_.Name -eq \$subnetName}

6. Create Public IP Address

$pip1=New-AzureRmPublicIpAddress -Name $pubIPName1 -ResourceGroupName $rgName -DomainNameLabel $domName1 -Location $locName -AllocationMethod Static
$pip2=New-AzureRmPublicIpAddress -Name $pubIPName2 -ResourceGroupName $rgName -DomainNameLabel $domName2 -Location $locName -AllocationMethod Static

Note:

Check availability of domain names before using.

Allocation method for IP addresses can be dynamic or static.

7. Assign IP Configuration

In this use case, consider the following points before assigning IP addresses:

IPConfig-1 belongs to subnet1 of VPX1.
IPConfig-2 belongs to subnet 1 of VPX1.
IPConfig-3 belongs to subnet 1 of VPX1.

Note:

When you assign multiple IP configurations to a NIC, one configuration must be assigned as primary.

$IPAddress1="11.6.1.27"
$IPConfig1=New-AzureRmNetworkInterfaceIpConfig -Name $IPConfigName1 -Subnet $subnet1 -PrivateIpAddress $IPAddress1 -PublicIpAddress $pip1 –Primary
$IPAddress2="11.6.1.28"
$IPConfig2=New-AzureRmNetworkInterfaceIpConfig -Name $IPConfigName2 -Subnet $subnet1 -PrivateIpAddress $IPAddress2 -PublicIpAddress $pip2
$IPAddress3="11.6.1.29"
$IPConfig3=New-AzureRmNetworkInterfaceIpConfig -Name $IPConfigName3 -Subnet $subnet1 -PrivateIpAddress $IPAddress3 -Primary

Use a valid IP address that meets your subnet requirements and check its availability.

8. Create NIC

$nic1=New-AzureRmNetworkInterface -Name $nicName1 -ResourceGroupName $rgName -Location $locName -IpConfiguration $IpConfig1,$IpConfig2,$IPConfig3 -NetworkSecurityGroupId $nsg.Id

9. Create Citrix ADC VPX Instance

1. Initialize variables.

$suffixNumber = 1
$vmName = $vmNamePrefix + $suffixNumber

2. Create VM config object.

$vmConfig=New-AzureRMVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $avSet.Id

3. Set credentials, OS, and image.

$cred=Get-Credential -Message "Type the name and password for VPX login."
$vmConfig=Set-AzureRMVMOperatingSystem -VM $vmConfig -Linux -ComputerName $vmName -Credential $cred
$vmConfig=Set-AzureRMVMSourceImage -VM $vmConfig -PublisherName $publisher -Offer $offer -Skus $sku -Version $version

4. Add NIC.

$vmConfig=Add-AzureRMVMNetworkInterface -VM $vmConfig -Id $nic1.Id -Primary

Note:

In a multi-NIC VPX deployment, one NIC should be primary. So, “-Primary” needs to be appended while adding that NIC to the VPX instance.

5. Specify OS disk and create VM.

$osDiskName=$vmName + "-" + $osDiskSuffix1
$osVhdUri=$prmStorageAccount.PrimaryEndpoints.Blob.ToString() + "vhds/" + $osDiskName + ".vhd"
$vmConfig=Set-AzureRMVMOSDisk -VM $vmConfig -Name $osDiskName -VhdUri $osVhdUri -CreateOption fromImage
Set-AzureRmVMPlan -VM $vmConfig -Publisher $publisher -Product $offer -Name $sku
New-AzureRMVM -VM $vmConfig -ResourceGroupName $rgName -Location $locName

10. Check NIC Configurations

After the VPX instance starts, you can check the IP addresses allocated to IPConfigs of the VPX NIC by using the following command.

$nic.IPConfig

11. Check VPX-side Configurations

When the Citrix ADC VPX instance starts, a private IP address associated with primary IPconfig of the primary NIC is added as the NSIP address. The remaining private IP addresses must be added as VIP or SNIP addresses, as determined by your requirements. Use the following command.

add nsip <Private IPAddress><netmask> -type VIP/SNIP

You’ve now configured multiple IP addresses for a Citrix ADC VPX instance in standalone mode.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Configure multiple IP addresses for a Citrix ADC VPX standalone instance by using PowerShell commands

November 21, 2024

Contributed by:

C C

November 21, 2024

Contributed by:

C C

Configure multiple IP addresses for a Citrix ADC VPX standalone instance by using PowerShell commands

Use case

Script

Parameters

1. Create Resource Group

2. Create Storage Account

3. Create Availability Set

4. Create Network Security Group (NSG)

5. Create Virtual Network

6. Create Public IP Address

7. Assign IP Configuration

8. Create NIC

9. Create Citrix ADC VPX Instance

10. Check NIC Configurations

11. Check VPX-side Configurations

In this article