Gateway

Configuring Citrix Gateway Settings in the Web Interface 5.4

To use Citrix Gateway in your deployment, you must configure the Web Interface support the appliance. To do this, use the Secure Access task in the Citrix Web Interface Management console.

To configure Citrix Gateway settings in the Web Interface

  1. On the Windows Start menu, click All Programs > Citrix > Management Consoles > Citrix Web Interface Management.
  2. In the left pane of the Citrix Web Interface Management console, click either Citrix Virtual Apps Web Sites or Citrix Virtual Apps Services Sites and then select your site in the results pane.
  3. In the Action pane, click Secure Access.
  4. On the Specify Access Methods page, do one of the following:
    • Click Add to add a new access route.
    • Select an existing route from the list and then click Edit.
  5. From the Access method list, select one of the following options:
    • If you want to send the actual address of the Citrix server to Citrix Gateway, select Gateway Direct.
    • If you want to send the alternate address of the Citrix Virtual Apps server to Citrix Gateway, select Gateway alternate. Note: Citrix Virtual Desktops virtual desktops cannot be accessed if alternate addresses are used.
    • If you want the address given to Citrix Gateway to be determined by the address translation mappings set in the Web Interface, select Gateway translated.
  6. Enter the network address and subnet mask that identify the client network. Use the Move Up and Move Down buttons to place the access routes in order of priority in the User device addresses table and then click Next.
  7. If you are not using gateway address translation, continue to Step 10. If you are using gateway address translation, do one of the following on the Specify Address Translations page:
    • Click Add to add a new address translation.
    • Select an existing address translation from the list and then click Edit.
  8. In the Access Type area, select one of the following options:
    • If you want Citrix Gateway to use the translated address to connect to the Citrix server, select Gateway route translation.
    • If you configured a client translated route in the User device addresses table and want both the Citrix client and Citrix Gateway to use the translated address to connect to the Citrix server, select User device and gateway route translation.
  9. Enter the internal and external (translated) ports and addresses for the Citrix server, click OK and then click Next. When Citrix Gateway connects to the Citrix server, it uses the external port number and address. Ensure that the mappings you create match the type of addressing being used by the server farm.
  10. On the Specify Gateway Settings page, specify the fully qualified domain name (FQDN) and port number of the Citrix Gateway appliance that clients must use. The FQDN must match what is on the certificate installed on the gateway.
  11. Select Enable session reliability if you want the Citrix server to keep disconnected sessions open while the client attempts to reconnect automatically.
  12. Select Request tickets from two STAs where available if you enabled session reliability and want to use simultaneous ticketing from two Secure Ticket Authority (STA) servers. When you enable this option, the Web Interface obtains tickets from two different STAs so that user sessions are not interrupted if one STA becomes unavailable during the course of the session. If for any reason the Web Interface is unable to contact two STAs, it falls back to using a single STA. Click Next.
  13. On the Specify Secure Ticket Authority Settings page, do one of the following: - Click Add to specify the URL of a STA that the Web Interface can use. - Select an entry from the list and then click Edit.
Use the Move Up and Move Down buttons to place the STAs in order of priority.
STAs are included with the Citrix XML Service; for example, `http\[s\]://servername.domain.com/scripts/ctxsta.dll`.

You can specify more than one STA for fault tolerance; however, Citrix recommends that you do not use an external load balancer for this purpose.

14/. Select Use for load balancing to choose whether or not to enable load balancing between STAs. Enabling load balancing allows you to evenly distribute connections among servers so that no one server becomes overloaded.

  1. Select Bypass failed servers for to specify the length of time that unreachable STAs should be bypassed.
The Web Interface provides fault tolerance among the servers on the STA URLs list so that if a communication error occurs, the failed server is bypassed for the specified time period.
Configuring Citrix Gateway Settings in the Web Interface 5.4