Configuring Settings with the Quick Configuration Wizard
You can configure settings in Citrix Gateway to enable communication with Citrix Endpoint Management, StoreFront, or Web Interface by using the Quick Configuration wizard. When you complete the configuration, the wizard creates the correct policies for communication between Citrix Gateway, Endpoint Management, StoreFront, or the Web Interface. These policies include authentication, session, and clientless access policies. When the wizard completes, the policies are bound to the virtual server.
When you complete the Quick Configuration wizard, Citrix Gateway can communicate with Endpoint Management or StoreFront, and users can access their Windows-based applications and virtual desktops and web, SaaS, and mobile apps. Users can then connect directly to Endpoint Management.
During the wizard, you configure the following settings:
- Virtual server name, IP address, and port
- Redirection from an unsecure to a secure port
- LDAP server
- RADIUS server
- Client certificate for authentication (only for two-factor authentication)
- Endpoint Management, StoreFront, or Web Interface
The Quick Configuration wizard supports LDAP, RADIUS, and client certificate authentication. You can configure two-factor authentication in the wizard by following these guidelines:
- If you select LDAP as your primary authentication type, you can configure RADIUS as the secondary authentication type.
- If you select RADIUS as your primary authentication type, you can configure LDAP as the secondary authentication type.
- If you select client certificates as your primary authentication type, you can configure LDAP or RADIUS as the secondary authentication type.
You cannot create multiple LDAP authentication policies by using the Quick Configuration wizard. For example, you want to configure one policy that uses sAMAccountName in the Server Logon Name Attribute field and a second LDAP policy that uses the User Principal Name (UPN) in the Server Logon Name Attribute field. To configure these separate policies, use the Citrix Gateway configuration utility to create the authentication policies. For more information, see Configuring LDAP Authentication.
You can configure certificates for Citrix Gateway in the Quick Configuration wizard by using the following methods:
- Select a certificate that is installed on the appliance.
- Install a certificate and private key.
- Select a test certificate. Note: If you use a test certificate, you must add the fully qualified domain name (FQDN) that is in the certificate.
You can open the Quick Configuration wizard in one of the following two ways:
- When you are on the Citrix Gateway logon page and select Citrix Gateway in Deployment Type, the Home tab appears. If you select any other option in Deployment Type, the Home does not appear.
- From the link Create/Monitor Citrix Gateway in the Citrix Gateway details pane. The link appears if you install a license that enables Citrix ADC features. If you license the appliance for Citrix Gateway only, the link does not appear.
After you initially run the wizard, you can run the wizard again to create additional virtual servers and settings.
Important: If you use the Quick Configuration wizard to configure an additional Citrix Gateway virtual server, you must use an unique IP address. You cannot use the same IP address that is used on an existing virtual server. For example, you have a virtual server with the IP address 192.168.10.5 with a port number of 80. You run the Quick Configuration wizard to create a second virtual server with the IP address 192.168.10.5 with port number 443. When you try to save the configuration, an error occurs.
To configure settings with the Quick Configuration wizard
- In the configuration utility, do one of the following:
- If the appliance is licensed for Citrix Gateway only, click the Home tab.
- If the appliance is licensed to include Citrix ADC features, on the Configuration tab, in the navigation pane, click Citrix Gateway and then in the details pane, under Getting Started, click Configure Citrix Gateway for Enterprise Store.
- In the dashboard, click Create New Citrix Gateway.
- In Citrix Gateway Settings, configure the following:
- In Name, type a name for the virtual server.
- In IP address, type the IP address for the virtual server.
- In Port, type the port number. The default port number is 443.
- Select Redirect requests from port 80 to secure port to allow user connections from port 80 to go to port 443.
- Click Continue.
- On the Certificate page, do one of the following:
- Click Choose Certificate and then in Certificate, select the certificate.
- Click Install Certificate and then in Choose Certificate and in Choose Key, click Browse to navigate to the certificate and private key.
- Click Use Test Certificate and then in Certificate FQDN enter the fully qualified domain name (FQDN) contained in the test certificate.
- Click Continue.
- In Authentication Settings, do the following:
- In Primary Authentication, select LDAP, RADIUS, or Cert.
- Select an authentication server or configure the settings for the authentication type you selected in the previous step. If you select Cert, either select the client certificate or install a new client certificate.
- In Secondary Authentication, select the authentication type and then configure the authentication server settings.
- Click Continue.
When you finish configuring the network and authentication settings, you can then configure Citrix Endpoint Management or Citrix Virtual Apps and Desktops (StoreFront or Web Interface) settings.
Configuring Enterprise Store Settings
Citrix Gateway supports user access to web, SaaS, and mobile apps and ShareFile only through Endpoint Management. If you also deploy StoreFront or the Web Interface, users have access to Windows-based apps and virtual desktops. You can configure settings for the following options:
- Endpoint Management only
- StoreFront only
- Endpoint Management and StoreFront together
- Web Interface only
When you click Continue from the preceding procedure, you can then configure the settings for your deployment scenario. The following procedures start on the Citrix Integration Settings page.
After you create the virtual server, editing the virtual server in the Quick Configuration wizard does not allow you to change Citrix Endpoint Management or Citrix Virtual Appsand Desktops settings.
For example, if you cancel the configuration of a virtual server at any stage before configuring the Citrix Enterprise Store settings, the wizard automatically selects the Web interface without configuring any settings. When this situation occurs, you can edit the virtual server details for configuring the Web Interface, but you cannot switch to Citrix Endpoint Management. To switch, you must create a new virtual server and must not cancel the wizard at any time during the configuration. If you do not need the Web Interface virtual server, you can delete it by using the Quick Configuration wizard.
To configure settings for StoreFront only
- Click Citrix Virtual Apps and Desktops.
- In Deployment Type, select StoreFront.
- In StoreFront FQDN, enter the fully qualified domain name (FQDN) of the StoreFront server.
- In Receiver for Web Path, leave the default path or enter your own path.
- Select HTTPS for secure user connections.
- In Single Sign-on Domain, enter the domain for StoreFront.
- In STA URL, enter the complete IP address or FQDN of the server running the Secure Ticket Authority (STA) if you deploy StoreFront and provide access to published applications from Citrix Virtual Apps or virtual desktops from Citrix Virtual Desktops.
- Click Done.
When users connect through Citrix Gateway to StoreFront, users can start their apps and desktops from either Receiver for Web or Receiver.
To configure settings for Endpoint Management only
- Click Citrix Endpoint Management.
- In App Controller FQDN, enter the FQDN for Endpoint Management.
- Click Done.
To configure Web Interface settings
- In the Quick Configuration wizard, click Citrix Virtual Apps and Desktops.
- In Deployment Type, select Web Interface and then configure the following:
- In Citrix Virtual Apps Site URL, type the complete IP address or FQDN of the Web Interface.
- In Citrix Virtual Apps Services Site URL, type the complete IP address or FQDN of the Web Interface with the PNAgent Path. You can enter the default path or enter your own path.
- In Single Sign-on Domain, enter the domain to use.
- In STA URL, type the complete IP address or FQDN of the server running the STA.
- Click Done.