Gateway

Creating a Traffic Policy

To configure a traffic policy, you create a profile and configure the following parameters:

  • Protocol (HTTP or TCP)
  • Application time-out
  • Single sign-on to web applications
  • Form single sign-on
  • File type association
  • Repeater plug-in
  • Kerberos Constrained Delegated (KCD) accounts

After you create the traffic policy, you can bind the policy to virtual servers, users, groups, or globally.

For example, you have the web application PeopleSoft Human Resources installed on a server in the internal network. You can create a traffic policy for this application that defines the destination IP address, the destination port, and you can set the amount of time a user can stay logged on to the application, such as 15 minutes.

If you want to configure other features, such as HTTP compression to an application, you can use a traffic policy to configure the settings. When you create the policy, use the HTTP parameter for the action. In the expression, create the destination address for the server running the application.

To configure a traffic policy

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand Citrix Gateway > Policies, and then click Traffic.

  2. In the details pane, on the Policies tab, click Add.

  3. In the Create Traffic Policy dialog box, in Name, type a name for the policy.

  4. Next to Request Profile, click New.

  5. In Name, type a name for the profile.

  6. In Protocol, select either HTTP or TCP.

    Note: If you select TCP as the protocol, you cannot configure single sign-on and the setting is disabled in the profile dialog box.

  7. In AppTimeout (minutes), type the number of minutes. This setting limits the time users can stay logged on to the web application.

  8. To enable single sign-on to the web application, in Single Sign-On, select ON.

    Note: If you want to use form-based single sign-on, you can configure the settings within the traffic profile. For more information, see Configuring Form-Based Single Sign-On.

  9. To specify a file type association, in File Type Association, select ON.

  10. To use the Repeater plug-in to optimize network traffic, in Citrix SD-WAN, select ON, click Create, and then click Close.

  11. If you configure KCD on the appliance, in KCD Account, select the account.

    For more information about configure KCD on the appliance, see Configuring Kerberos Constrained Delegation on a NetScaler Appliance.

  12. In the Create Traffic Policy dialog box, create or add an expression, click Create, and then click Close.

Creating a Traffic Policy