Application Delivery Management

Enable data collection to monitor NetScaler ADCs deployed in LAN user mode

External users who access Citrix Virtual Apps and Desktops applications must authenticate themselves on the Citrix Gateway. Internal users, however, might not require to be redirected to the Citrix Gateway. Also, in a transparent mode deployment, the administrator must manually apply the routing policies, so that the requests are redirected to the NetScaler appliance.

To overcome these challenges, and for LAN users to directly connect to Citrix Virtual Apps and Desktops applications, you can deploy the NetScaler appliance in a LAN user mode by configuring a cache redirection virtual server, which acts as a SOCKS proxy on the Citrix Gateway appliance.

Figure 4. Citrix ADM deployed in LAN User Mode

localized image

Note

Citrix ADM and Citrix Gateway appliance reside in the same subnet.

To monitor Citrix appliances deployed in this mode, first add the Citrix appliance to the NetScaler Insight inventory, enable AppFlow and then view the reports on the dashboard.

After you add the Citrix appliance to the Citrix ADM inventory, you must enable AppFlow for data collection.

Note

  • You cannot enable data collection on a NetScaler ADC deployed in LAN User mode by using the Citrix ADM configuration utility.
  • For detailed information about the commands and their usage, see Command Reference.
  • For information on policy expressions, see Policies and Expressions.

To configure data collection on a NetScaler appliance by using the command line interface:

At the command prompt, do the following:

  1. Log on to an appliance.

  2. Add a forward proxy cache redirection virtual server with the proxy IP and port, and specify the service type as HDX.

    add cr vserver <name> <servicetype> [<ipaddress> <port>] [-cacheType <cachetype>] [ - cltTimeout <secs>]
    <!--NeedCopy-->
    

    Example:

    add cr vserver cr1 HDX 10.12.2.2 443 –cacheType FORWARD –cltTimeout 180
    <!--NeedCopy-->
    

    Note If you are accessing the LAN network by using a Citrix Gateway appliance, add an action to be applied by a policy that matches the VPN traffic.

    add vpn trafficAction** \<name\> \<qual\> \[-HDX ( ON | OFF )\]
    
    add vpn trafficPolicy** \<name\> \<rule\> \<action\>
    <!--NeedCopy-->
    

    Example:

    add vpn trafficAction act1 tcp -HDX ON
    
    add vpn trafficPolicy pol1 "REQ.IP.DESTIP == 10.102.69.17" act1
    <!--NeedCopy-->
    
  3. Add Citrix ADM as an appflow collector on the Citrix ADC appliance.

    add appflow collector** \<name\> **-IPAddress** \<ip\_addr\>
    <!--NeedCopy-->
    

    Example:

    add appflow collector MyInsight -IPAddress 192.168.1.101
    <!--NeedCopy-->
    
  4. Create an appflow action and associate the collector with the action.

    add appflow action** \<name\> **-collectors** \<string\> ...
    <!--NeedCopy-->
    

    Example:

    add appflow action act -collectors MyInsight
    <!--NeedCopy-->
    
  5. Create an appflow policy to specify the rule for generating the traffic.

    add appflow policy** \<policyname\> \<rule\> \<action\>
    <!--NeedCopy-->
    

    Example:

    add appflow policy pol true act
    <!--NeedCopy-->
    
  6. Bind the appflow policy to a global bind point.

    bind appflow global** \<policyname\> \<priority\> **-type** \<type\>
    <!--NeedCopy-->
    

    Example:

    bind appflow global pol 1 -type ICA\_REQ\_DEFAULT
    <!--NeedCopy-->
    

    Note The value of type should be ICA_REQ_OVERRIDE or ICA_REQ_DEFAULT in order to apply to ICA traffic.

  7. Set the value of the flowRecordInterval parameter for Appflow to 60 seconds.

    set appflow param -flowRecordInterval 60
    <!--NeedCopy-->
    

    Example:

    set appflow param -flowRecordInterval 60
    <!--NeedCopy-->
    
  8. Save the configuration.

    save ns config
    <!--NeedCopy-->
    
Enable data collection to monitor NetScaler ADCs deployed in LAN user mode