Citrix Gateway

Citrix Gateway VPN client registry keys

April 14, 2021

Contributed by:

The following table lists the Citrix Gateway VPN client registry keys, values, and a brief description of each value.

Registry key	Registry type	Values and description
`AlwaysOnService`	REG_DWORD	1 => Establish machine level tunnel but not user level tunnel. 2 => Establish machine level tunnel and user level tunnel.
`AlwaysOnURL`	REG_SZ	URL of the Citrix Gateway virtual server the user wants to connect to. Example: `https://xyz.companyDomain.com`
`AlwaysOn`	REG_DWORD	1 => Allow network access on VPN failure. 2=> Block network access on VPN failure.
locationDetection	REG_DWORD	1 => To enable location detection. 0 => To disable location detection.
suffixList	REG_SZ	Comma separated list of intranet domains. Used when location detection is enabled.
`AlwaysOnWhitelist`	REG_SZ	Semicolon separated list of IP addresses or FQDNs to be whitelisted by the driver in Always On strict mode.
ProductVersion	REG_SZ	Current Citrix Gateway plug-in installed version.
InstallDir	REG_SZ	Location where the Citrix Gateway plug-in is installed.
userCertCAList	REG_SZ	Used in the context of the Always On service where a customer can specify the list of CAs to choose the client certificate from.
addedRoutes/modifiedRoutes	REG_SZ	Created for internal plug-in communication. Users must not modify this key.
ProductCode	REG_SZ	This key is used internally. Users must not modify this key
EnableAutoUpdate	REG_DWORD	To control Windows plug-in upgrade from the client side if value set to 0, by default the value set to 1.
Connected	REG_DWORD	On successful connection this key is set to 1 and else set to 0. This key is used internally. Users must not modify this key.
EnableVA	REG_DWORD	If Citrix Virtual adapter must be enabled when IIP is present. This key is used internally. Users must not modify this key.
ClientControl	REG_DWORD	1 => Allows users to log out or connect to other gateways. 0 => Blocks users to log out or connect to other gateways.
ForcedLogging	REG_DWORD	Must be set to 1 for enabling Always On service logging.
NoDHCPRoute	REG_DWORD	If set to 1, the DHCP server route is not added.
DisableIntuneDeviceEnrollment	REG_DWORD	If set to 1, Intune device enrollment is not performed.
HttpTimeout	REG_DWORD	HTTP timeout is configured in seconds. If timeout is not configured, the default timeout is used. The default timeout value is 100 seconds, based on Windows standards.

Important:

You can apply registry keys based on your deployments. For example, the AlwaysOnService registry is applicable only for Always on service whereas the ClientControl registry is not applicable for Always on service. Check the individual deployment documentation for more details.

The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. Citrix has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Citrix product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Citrix, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Citrix will not be held responsible for any damage or issues that may arise from using machine-translated content.

Citrix Gateway VPN client registry keys

April 14, 2021

Contributed by:

April 14, 2021

Contributed by:

Citrix Gateway VPN client registry keys

In this article