Hi All and thanks for checking back in, Since my last post about ICA files, I’ve been working on a project to deploy XenDesktop 7.6 and Netscaler 10.5 VPX and its so far been an interesting and head scratching journey. For those using Citrix Access Gateway 5.0.4 this is a big step up and much more for you to understand. Over the next couple of weeks I’ll go through the process or preparing the Netscaler for Citrix XenApp and Citrix XenDesktop access for both 6.5 and 7.6.
Getting Started:
Now there are a number of reasons why you might need to use a Netscaler, creating VPN connections, accessing Citrix XenApp, DNS load balancing websites, OWA and monitoring sites. From a design prepresive you need to know where you netscaler will sit on your network, you will need at least 2 NIC interfaces and 3 IPs. Your Netscaler IP, Your VIP for External Access and Your Subnet IP for internal access.
There is no limit to what you can do, but before you jump in you need to look at the 5 basic steps:
- Configure your NSIP, SNIP, DNS Servers on the inital login page.
- Licensing > Install your licenses
- Settings> Modes and Features> Basic Features, turn on what you need
- Same for Advanced features.
*Note use may not use all the feautres and some will be only available if you use Enterprise or platinum editions.
- You will need to assign a certificate and root CA to the Netscaler, its hightly recommend you use an Global External CA, like digicert, verisign, godaddy.
Once you have done that you can start using SSL offloading, create virtual gateways etc..
I’ll create a short video on how you can get started in the next week.
DNS Issue: For those who are already in the process of deploying a Netscaler might find setting up DNS name servers a bit of a pain in the ass. For instance adding it as a name server shows the status as down when as it using UDP. And if your in an environment where ICMP is blocked by the firewalls you will have to target the TCP port instead. There is a workaround and better practice for monitoring DNS as its targets the service port. Depending on your network, I would suggust this routes out your NSIP or MIP address on your management network. This is what I needed to do in a tight DMZ.
SLDAP Monitoring: If your hoping use SLDAP, like most of us do any monitoring your domain controllers for queires then the default LDAP monitor will not work. You need to create a custom monitor. Please see this Citrix Artcle on step how to do it. http://support.citrix.com/article/CTX117943