Citrix ADC

Support for active-active GSLB deployments on Citrix Gateway

Citrix Gateway configured as an Identity Provider (IdP) using the OIDC protocol can support active-active GSLB deployments.

For more information on configuring a GSLB setup, see Example of a GSLB setup and configuration.

Important:

Active-active GSLB with Citrix Gateway as an OAuth IdP is not supported for Citrix Cloud.

GSLB active-active support for multifactor authentication using connection proxy

Starting from Citrix ADC release 13.1 build 12.x, support is added for GSLB active-active deployment for multifactor authentication using connection proxy. This support is applicable for Citrix Gateway and Citrix ADC authentication, authorization, and auditing scenarios. Connection proxy is used to route requests to the correct GSLB sites once the authentication succeeds. For details on connection proxy persistence, see Connection Proxy.

How it works

The GSLB site persistence cookie is inserted in the authentication response. Using this cookie, the Citrix ADC or the Citrix Gateway appliance identifies whether the request is for a local site or a remote site. The requests are then routed accordingly.

Important:

  • Only GSLB active-active type deployment is supported.
  • Parent-child topology is not supported.
  • The persistence type in the GSLB deployment must be configured as “ConnectionProxy”.
Support for active-active GSLB deployments on Citrix Gateway