Choosing the User Access Method
You can configure Citrix Gateway to provide user connections through the following scenarios:
User connections by using Citrix Receiver. Receiver works with StoreFront or the Web Interface to provide users with access to published applications or virtual desktops in a server farm. Receiver is software that uses the ICA network protocol to establish user connections. Users install Receiver on the user device. When users install Receiver on their Windows-based or Mac-based computer, Receiver subsumes all plug-ins, including the Citrix Gateway plug-in for user connections. Citrix Gateway also supports connections from Receiver for Android and Receiver for iOS. Users can connect to their virtual desktops and Windows-based, web, mobile, and SaaS applications through Citrix Endpoint Management, StoreFront, or the Web Interface.
User connections with Secure Hub. Users can connect to mobile, web, and SaaS applications configured in Endpoint Management. Users install Secure Hub on their mobile device (Android or iOS). When users log on to Secure Hub, they can install WorxMail and WorxWeb, along with any other mobile app you installed in Endpoint Management. Secure Hub, Secure Mail, and WorxWeb use Micro VPN technology to establish connections through Citrix Gateway.
User connections by using the Citrix Gateway plug-in as a standalone application. The Citrix Gateway plug-in is software that users can download and install on a user device. When users log on with the plug-in, users can access resources in the secure network as if they were in the office. Resources include email servers, file shares, and intranet Web sites.
User connections by using clientless access. Clientless access provides users with the access they need without requiring installation of software, such as the Citrix Gateway plug-in or Receiver, on the user device. Clientless access allows connections to a limited set of web resources, such as Outlook Web Access or SharePoint, applications published on Citrix Virtual Apps, virtual desktops from Citrix Virtual Apps and Desktops, and file shares in the secure network through the Access Interface. Users connect by entering the Citrix Gateway web address in a web browser and then select clientless access from the choices page.
User connections if a preauthentication or post-authentication scan fails. This scenario is called access scenario fallback. Access scenario fallback allows a user device to fall back from the Citrix Gateway plug-in to StoreFront or the Web Interface, by using Receiver, if the user device does not pass the initial endpoint analysis scan.
If users log on to Citrix Gateway through Receiver, the preauthentication scan does not work. Post-authentication scans do work when Citrix Gateway establishes the VPN tunnel.
Users can download and install the Citrix Gateway plug-in by using the following methods:
- Connecting to Citrix Gateway by using a web browser.
- Connecting to StoreFront that is configured to accept Citrix Gateway connections.
- Installing the plug-in by using a Group Policy Object (GPO).
- Uploading the Citrix ADC plug-in to Merchandising Server.