Gateway

Optimize network traffic with Citrix SD-WAN WANOP

When users log on with the Citrix Secure Access client, the connection can be optimized by using the Citrix SD-WAN WANOP plug-in, which installs on the user device from Citrix SD-WAN WANOP. When the connection is optimized by using the Citrix SD-WAN WANOP plug-in, network traffic is compressed and accelerated through NetScaler Gateway. When Citrix SD-WAN WANOP is enabled for a connection, TCP compression policies on the NetScaler Gateway are disabled.

The Citrix SD-WAN WANOP plug-in is deployed and is compatible with the Citrix Secure Access client.

NetScaler Gateway supports Versions 5.5 and 6.1 of the Repeater plug-in and Versions 6.2 and 7.0 of the Citrix SD-WAN WANOP plug-in.

The Citrix SD-WAN WAN optimization and flow control take precedence over NetScaler Gateway optimization features that require dynamic content modification. If Citrix SD-WAN WAN optimization is enabled for HTTP traffic, the following NetScaler Gateway features are not available:

  • Single sign-on to Web applications
  • File type association
  • HTTP authorization

To allow single sign-on to Web applications, you can disable acceleration on HTTP. To do so, you use the command line. Log on to the NetScaler Gateway serial console and then at a command prompt, type:

add vpn trafficAction ssoact http -SSO ON
<!--NeedCopy-->

Network traffic destined for a configured HTTP port on NetScaler Gateway is excluded automatically from Citrix SD-WAN WAN optimization. This is the default setting. If you configure a traffic policy for Citrix SD-WAN WAN optimization on an HTTP port, the traffic policy is honored and the network traffic is optimized by Citrix SD-WAN WANOP. However, the NetScaler Gateway optimization features are disabled for all traffic affected by that policy. Citrix SD-WAN WANOP can accelerate network traffic destined for non-HTTP ports without affecting other NetScaler Gateway features.

You use a traffic policy to configure user connections to use the Citrix SD-WAN WANOP plug-in. You can then bind the policy to users, groups, virtual servers, or globally. The policy is prioritized based on where you bind the policy or by the priority number you give the policy.

To create a traffic policy

  1. Navigate to NetScaler Gateway > Policies > Traffic.
  2. In the details pane, click Add.
  3. In Name type a name for the policy.
  4. Next to Request Profile, click New.
  5. In Name, type a name for the profile.
  6. In Branch Repeater, select ON and then click Create.
  7. In the Create Traffic Policy dialog box, next to Add Expression, select or enter an expression that represents the traffic types to enable Citrix SD-WAN WANOP acceleration.
  8. Click Add Expression, click Create. and then click Close.

When adding an expression, choose a network expression to use the same IP addresses and port ranges for which the Citrix SD-WAN WANOP is configured to accelerate. For Citrix SD-WAN WANOP acceleration to occur, the traffic types configured on NetScaler Gateway must match the Service Class Policies configured on Citrix SD-WAN WANOP.

All TCP traffic benefits from Citrix SD-WAN WANOP acceleration. If you are planning to use single sign-on, do not accelerate HTTP traffic because the acceleration disables single sign-on.

Optimize network traffic with Citrix SD-WAN WANOP