Citrix Gateway

Client Software Requirements

Citrix Gateway supports user connections by using the Citrix Gateway plug-in. When users log on with the plug-in, it establishes a full VPN tunnel. With the Citrix Gateway plug-in, users can connect to the network resources to which you allow access.

If endpoint policies are configured on Citrix Gateway, Citrix Gateway downloads and installs the Endpoint Analysis plug-in on the user device automatically when users log on.

Citrix Gateway plug-in system requirements

Citrix Gateway plug-in establishes a secure connection from the client machine to the Citrix Gateway appliance.

The plug-in is distributed as a desktop app for Microsoft Windows, macOS X, and Linux operating systems. After you authenticate to the secure URL of the Citrix Gateway appliance with your Web browser, the plug-in is downloaded and installed automatically on your machine.

The plug-in is provisioned as a mobile app for Android and iOS devices.

Note:

  • To install the plug-in, admin/root privileges are required on the operating system.

  • The browsers that support the Citrix Gateway plug-in also support clientless VPN.

Citrix Gateway plug-in as a desktop app is supported for the following operating systems and Web browsers.

Operating System Supported Browsers
macOS X (10.9 and later) Safari 7.1 or later; Google Chrome Release 30 or later; Mozilla Firefox Release 30 or later
Windows 10 (x86 and x64) Internet Explorer 11; Google Chrome Release 30 or later; Mozilla Firefox Release 24 or later; Edge Chromium
Windows 8.1 Internet Explorer 11; Google Chrome Release 30 or later; Mozilla Firefox Release 24 or later; Edge Chromium
Windows 8 Internet Explorer 9 and 10; Google Chrome Release 30 or later; Mozilla Firefox Release 24 or later; Edge Chromium
Linux; Ubuntu 18.04 LTS, 16.04 LTS, 14.04 LTS, and 12.04 LTS. 32-bit and 64-bit OS is supported. Mozilla Firefox Release 44 and above; Google Chrome 50 and above

Important: Due to a bug (1573408) in Ubuntu 16.04 LTS, the VPN plug-in installation fails. The workaround for the same is listed as follows.

Type the following command using the command line interface:

sudo dpkg -i nsgclient*.deb
<!--NeedCopy-->

If the required dependency packages are missing, the command lists them and the plug-in installation fails. These dependency packages must be manually installed. Administrators can install a missing package by typing the following command using the command line interface.

apt-get install <dependency package>
<!--NeedCopy-->

Citrix Gateway plug-in as a mobile app is supported for the following operating systems.

VPN App Supported Operating Systems
Android Android 7.0 and later
iOS iOS 12.0 and later

Endpoint Analysis requirements

Citrix Gateway installs the Endpoint Analysis plug-in on the user device. The Endpoint Analysis plug-in scans the user device for the endpoint security requirements that you have configured on Citrix Gateway. The requirements include information, such as the operating system, antivirus, or web browser versions.

When Windows users connect to Citrix Gateway using the browser for the first time, the portal requests the installation of the Endpoint Analysis plug-in. On subsequent logon attempts, the plug-in checks the upgrade control configuration to check if the client endpoint analysis plug-in upgrade is necessary. If it is necessary, the user receives a prompt to download and install the newer Endpoint Analysis plug-in. The Endpoint Analysis plug-in for Windows is installed as a Windows 32-bit application. No special privileges are required to install or use it.

For macOS, the user is required to install the Endpoint Analysis plug-in. The plug- in for macOS is installed as a 64-bit application. No special privileges are necessary to install it. On subsequent logon attempts, if the plug-in versions do not match, the user is prompted to download and install the plug-in.

The tooltips on the Admin UI console explain the scans in detail. For details on the EPA libraries, see https://www.citrix.com/en-in/downloads/citrix-gateway/epa-libraries/.

Important:

  • The browsers that support EPA also support clientless VPN.

  • In pre-authentication endpoint analysis, the user cannot log on with the Citrix Gateway plug-in if the user does not install the Endpoint Analysis plug-in or skips the scan.

  • In post-authentication endpoint analysis, the user can access resources for which a scan is not required by using either clientless access or by using the Citrix Workspace app.

  • For OPSWAT related scans, you must install the binary package epaPackage.exe on the client machine.

The following software is required on the user devices to use the Endpoint Analysis plug-in:

Operating System Supported Browsers
macOS (10.9 and later) Safari 7.1 or later; Google Chrome Release 30 or later; Mozilla Firefox Release 30 or later
Windows 10 Internet Explorer 11; Google Chrome Release 30 or later; Mozilla Firefox Release 24 or later; Edge Chromium
Windows 8.1 Internet Explorer 11; Google Chrome Release 30 or later; Mozilla Firefox Release 24 or later; Edge Chromium
Windows 8 Internet Explorer 9 and 10; Google Chrome Release 30 or later; Mozilla Firefox Release 24 or later; Edge Chromium
Windows 7 Internet Explorer 9 and 10, and 11; Google Chrome Release 30 or later; Mozilla Firefox Release 24 or later; Edge Chromium
Windows Vista Internet Explorer 9; Mozilla Firefox Release 9 and 10
Linux; Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 18.04 LTS. Both 32-bit and 64-bit OS are supported. Both 32-bit and 64-bit OS are supported. Mozilla Firefox Release 44 and later; Google Chrome 50 and later

Note:

  • All editions of the operating system variants mentioned previously are supported.

  • For Windows editions, all service packs and critical updates must be installed.

  • For Internet Explorer versions, cookies must be enabled. The minimum required version is 7.0.

  • For Mozilla Firefox versions, Endpoint Analysis must be plug-in enabled, the minimum required version is 3.0.

Client Software Requirements