How Citrix Gateway and Citrix Endpoint Management Integrate

Note: Endpoint Management is no longer supported.

You can configure Citrix Gateway to work with Endpoint Management. In this deployment, Citrix Gateway resides in the DMZ. Endpoint Management and StoreFront reside in the secure network. Citrix Gateway must have access to the same forest that Endpoint Management and StoreFront reside in.

When you configure user connections through Citrix Gateway to Endpoint Management or StoreFront, users can connect in the following ways:

  • By using Receiver.
  • By using Secure Hub, WorxMail, or WorxWeb for iOS and Android devices. To enable this connection, you configure Secure Browse for iOS devices and clientless access in Citrix Gateway. For more information, see Allowing Access from Mobile Devices with Worx Apps.
  • By using Citrix Gateway through a web browser and Receiver for Web.
  • By using Receiver for Android or Receiver for iOS.

Users can connect by using the following versions of Receiver and the following operating systems:

Receiver Operating system
Receiver for Windows 4.1 and 4.2 Window 7 Home (32-bit and 64-bit versions); Windows 7 Enterprise (32-bit and 64-bit versions)
Receiver for Mac 11.5 and 11.6, 11.7, 11.8, and 11.8.2 Mac OS X Mavericks (version 10.9); Mac OS X 10.8; Mac OS X 10.7; Mac OS X 10.6. For more information, see the system requirements for your version of Receiver for Mac in the Receivers and plug-ins node in Citrix eDocs
Receiver for iOS 5.7 and 5.8 iOS 5.1, 6.1.x, and 7. For more information, see the system requirements for your version of Receiver for iOS in the Receivers and plug-ins node in Citrix eDocs
Receiver for Android 3.3 and 3.4 Android 3.2

Users can connect through Citrix Gateway to Endpoint Management by using the following methods:

  • Connect to Receiver for Web by using the Citrix Gateway web address in a web browser. When users connect with clientless access and Receiver for Web, they can start their applications from within the web browser. When you configure Citrix Gateway to support Receiver for Web, other clientless access policies that are bound to the virtual server, such as for Outlook Web App 2010 or SharePoint, are not supported.

    When users connect with Receiver for Web, subscriptions to web or SaaS applications are supported as long as users connect with clientless access through Citrix Gateway 10.

  • Connect to Endpoint Management by using Receiver for Windows by using native protocols. When users connect with clientless access to Endpoint Management or StoreFront, users download a provisioning file from the Receiver for Web site and install the file on the device. Receiver uses settings within the provisioning file to determine if the user device is inside or outside the secure network. Users connect with the Citrix Gateway web address, such as https://\<AccessGatewayFQDN\>. When logon is successful, users can start or subscribe to their web, SaaS, or mobile apps. Users can also access documents located in ShareFile.

    Note: You can also email the provisioning file to users.

  • Connect to Endpoint Management by using Secure Hub. When users connect with Secure Hub from an iOS or Android mobile device, they have access to mobile, web, and SaaS apps.

  • Connect to Endpoint Management by using the Citrix Gateway plug-in. You can use the Citrix Gateway plug-in for Windows or Citrix Gateway plug-in for Mac to connect to web applications hosted by Endpoint Management.

Users can connect to StoreFront only by using the following connection methods:

  • Connect to StoreFront by using email-based discovery. Citrix Gateway supports Accounts Services that allows users to connect by using an email address or the Citrix Gateway FQDN. When users log on, Receiver instructs users about how to configure access.

  • Connect to StoreFront by using PNA Services. If users connect with legacy versions Receiver for Mac, Receiver for Android, or Receiver for iOS, users must manually configure a store within Receiver by using the Citrix Gateway web address. When users successfully log on, they can start their published applications and virtual desktops. Users cannot connect with Receiver for Windows if you use PNA Services.

    Remote access to web or SaaS applications hosted in Endpoint Management through PNA Services is not supported for Receiver for Android or Receiver for iOS.

To allow users to connect with the Citrix Gateway plug-in and access web applications from Endpoint Management, when you configure the application connector in Endpoint Management, you select a check box that identifies that the web application is hosted in the internal network. This adds the VPN keyword to the application and allows the connection request through Citrix Gateway.

How Citrix Gateway and Citrix Endpoint Management Integrate