Citrix Application Delivery Management service

Enable data collection to monitor Citrix ADCs deployed in LAN user mode

External users who access Citrix Virtual App or Desktop applications must authenticate themselves on the Citrix ADC Gateway. Internal users, however, might not require to be redirected to the ADC Gateway. Also, in a transparent mode deployment, the administrator must manually apply the routing policies, so that the requests are redirected to the Citrix ADC appliance.

To overcome these challenges, and for LAN users to directly connect to Citrix Virtual App and Desktop applications, you can deploy the ADC appliance in a LAN user mode by configuring a cache redirection virtual server. The cache redirection virtual server acts as a SOCKS proxy on the ADC Gateway appliance.

The following image illustrates Citrix Application Delivery Management (ADM) deployed in LAN User Mode.



Citrix ADC Gateway appliance must be able to reach the Citrix ADM agent.

To monitor Citrix ADC appliances deployed in this mode, first add the Citrix ADC appliance to the Citrix ADC Insight inventory, enable AppFlow, and then view the reports on the dashboard.

After you add the Citrix ADC appliance to the Citrix ADM inventory, you must enable AppFlow for data collection.


  • You cannot enable data collection on a Citrix ADC deployed in LAN User mode by using the Citrix ADM configuration utility.
  • For detailed information about the commands and their usage, see Command Reference.
  • For information on policy expressions, see Policies and Expressions.

To configure data collection on a Citrix ADC appliance by using the command line interface:

At the command prompt, do the following:

  1. Log on to Citrix ADC appliance.

  2. Add a forward proxy cache redirection virtual server with the proxy IP and port, and specify the service type as HDX.

    add cr vserver <name> <servicetype> [<ipaddress> <port>] [-cacheType <cachetype>] [ - cltTimeout <secs>]


    add cr vserver cr1 HDX 443 –cacheType FORWARD –cltTimeout 180


    If you are accessing the LAN network by using a Citrix ADC Gateway appliance, add an action to apply a policy that matches the VPN traffic.

    add vpn trafficAction** \<name\> \<qual\> \[-HDX ( ON | OFF )\]
    add vpn trafficPolicy** \<name\> \<rule\> \<action\>


    add vpn trafficAction act1 tcp -HDX ON
    add vpn trafficPolicy pol1 "REQ.IP.DESTIP ==" act1
  3. Add Citrix ADM as an AppFlow collector on the Citrix ADC appliance.

    add appflow collector** \<name\> **-IPAddress** \<ip\_addr\>


    add appflow collector MyInsight -IPAddress
  4. Create an AppFlow action and associate the collector with the action.

    add appflow action** \<name\> **-collectors** \<string\> ...


    add appflow action act -collectors MyInsight
  5. Create an AppFlow policy to specify the rule for generating the traffic.

    add appflow policy** \<policyname\> \<rule\> \<action\>


    add appflow policy pol true act
  6. Bind the AppFlow policy to a global bind point.

    bind appflow global** \<policyname\> \<priority\> **-type** \<type\>


    bind appflow global pol 1 -type ICA_REQ_DEFAULT


    The value of type must be ICA_REQ_OVERRIDE or ICA_REQ_DEFAULT to apply to ICA traffic.

  7. Set the value of the flowRecordInterval parameter for AppFlow to 60 seconds.

    set appflow param -flowRecordInterval 60


    set appflow param -flowRecordInterval 60
  8. Save the configuration.

    save ns config
Enable data collection to monitor Citrix ADCs deployed in LAN user mode