Citrix Gateway

Optimize network traffic with Citrix SD-WAN WANOP

When users log on with the Citrix Secure Access agent, the connection can be optimized by using the Citrix SD-WAN WANOP plug-in, which installs on the user device from Citrix SD-WAN WANOP. When the connection is optimized by using the Citrix SD-WAN WANOP plug-in, network traffic is compressed and accelerated through Citrix Gateway. When Citrix SD-WAN WANOP is enabled for a connection, TCP compression policies on the Citrix Gateway are disabled.

The Citrix SD-WAN WANOP plug-in is deployed and is compatible with the Citrix Secure Access agent.

Citrix Gateway supports Versions 5.5 and 6.1 of the Repeater plug-in and Versions 6.2 and 7.0 of the Citrix SD-WAN WANOP plug-in.

The Citrix SD-WAN WAN optimization and flow control take precedence over Citrix Gateway optimization features that require dynamic content modification. If Citrix SD-WAN WAN optimization is enabled for HTTP traffic, the following Citrix Gateway features are not available:

  • Single sign-on to Web applications
  • File type association
  • HTTP authorization

To allow single sign-on to Web applications, you can disable acceleration on HTTP. To do so, you use the command line. Log on to the Citrix Gateway serial console and then at a command prompt, type:

add vpn trafficAction ssoact http -SSO ON

Network traffic destined for a configured HTTP port on Citrix Gateway is excluded automatically from Citrix SD-WAN WAN optimization. This is the default setting. If you configure a traffic policy for Citrix SD-WAN WAN optimization on an HTTP port, the traffic policy is honored and the network traffic is optimized by Citrix SD-WAN WANOP. However, the Citrix Gateway optimization features are disabled for all traffic affected by that policy. Citrix SD-WAN WANOP can accelerate network traffic destined for non-HTTP ports without affecting other Citrix Gateway features.

You use a traffic policy to configure user connections to use the Citrix SD-WAN WANOP plug-in. You can then bind the policy to users, groups, virtual servers, or globally. The policy is prioritized based on where you bind the policy or by the priority number you give the policy.

To create a traffic policy

  1. Navigate to Citrix Gateway > Policies > Traffic.
  2. In the details pane, click Add.
  3. In Name type a name for the policy.
  4. Next to Request Profile, click New.
  5. In Name, type a name for the profile.
  6. In Branch Repeater, select ON and then click Create.
  7. In the Create Traffic Policy dialog box, next to Add Expression, select or enter an expression that represents the traffic types to enable Citrix SD-WAN WANOP acceleration.
  8. Click Add Expression, click Create. and then click Close.

When adding an expression, choose a network expression to use the same IP addresses and port ranges for which the Citrix SD-WAN WANOP is configured to accelerate. For Citrix SD-WAN WANOP acceleration to occur, the traffic types configured on Citrix Gateway must match the Service Class Policies configured on Citrix SD-WAN WANOP.

All TCP traffic benefits from Citrix SD-WAN WANOP acceleration. If you are planning to use single sign-on, do not accelerate HTTP traffic because the acceleration disables single sign-on.

Optimize network traffic with Citrix SD-WAN WANOP