communication from user devices to the secure network, you need to configure
settings in NetScaler Gateway and in App
Controller. Citrix recommends running the Quick
Configuration wizard to configure these settings, which include settings for
App Controller and StoreFront.
When you run the
wizard, NetScaler Gateway creates the virtual server and policies that are
needed for user connections to App
Controller. For more information about running the
Quick Configuration wizard, see
Configuring Settings with the Quick Configuration Wizard. The Quick Configuration wizard
configures the following policies automatically:
App Controller Settings
There are two
steps for allowing connections to App Controller applications in the secure
network through NetScaler Gateway. In App Controller, you:
- Configure NetScaler Gateway
- Specify the application to
accept connections from remote users.
To route user
connections through NetScaler Gateway, you provide the following information:
- Name for the appliance.
This can be any name you choose.
- Fully qualified domain name
(FQDN) to which users connect, such as https://NetScalerGatewayFQDN.
- FQDN for the callback URL
that verifies that the request came from NetScaler Gateway. You use the same
FQDN to which users connect. App Controller appends the FQDN automatically with
the authentication service URL. For example, the URL appears as
You can select the
web applications that require remote user connections through NetScaler
Gateway. When you configure an application in App Controller, you select a
check box that identifies that the web application is hosted in the internal
network. This adds the VPN keyword to the application and allows the connection
request through NetScaler Gateway.
information about configuring App Controller, see
Configuring Connections to
Applications Through NetScaler Gateway.
To support all
access methods for users, you need to configure the following settings in
- Authentication methods,
which include the following settings:
- User name and password
- Domain pass-through
- Pass-through from NetScaler
- The Enable legacy support
- NetScaler Gateway settings,
- NetScaler Gateway web
- Deployment mode
- NetScaler Gateway mapped or
subnet IP address
- Logon type as
- Silent authentication by
using the URL https://<NetScalerGatewayFQDN>/CitrixAuthService/AuthService.asmx,
NetScalerGatewayFQDN is the FQDN that is in the
certificate bound to the virtual server.
If you configure two-factor
authentication on NetScaler Gateway, when you configure the settings in
StoreFront and you configure the
and security token.