Citrix Gateway VPN client registry keys
The VPN client registry keys are available under HKEY_LOCAL_MACHINE\SOFTWARE\Citrix\Secure Access Client. The following table lists the Citrix Gateway VPN client registry keys, values, and a brief description of each value.
| Registry key | Registry type | Values and description |
|---|---|---|
| AlwaysOnService | REG_DWORD | 1 => Establish machine level tunnel but not user level tunnel. 2 => Establish machine level tunnel and user level tunnel. |
| AlwaysOnURL | REG_SZ | URL of the Citrix Gateway virtual server the user wants to connect to. Example: https://xyz.companyDomain.com
|
| AlwaysOn | REG_DWORD | 1 => Allow network access on VPN failure. 2=> Block network access on VPN failure. |
| locationDetection | REG_DWORD | 1 => To enable location detection. 0 => To disable location detection. |
| suffixList | REG_SZ | Comma separated list of intranet domains. Used when location detection is enabled. |
| AlwaysOnWhitelist | REG_SZ | Semicolon separated list of IP addresses or FQDNs to be whitelisted by the driver in Always On strict mode. |
| ProductVersion | REG_SZ | Current Citrix Gateway plug-in installed version. |
| InstallDir | REG_SZ | Location where the Citrix Gateway plug-in is installed. |
| userCertCAList | REG_SZ | Used in the context of the Always On service where a customer can specify the list of CAs to choose the client certificate from. |
| addedRoutes/modifiedRoutes | REG_SZ | Created for internal plug-in communication. Users must not modify this key. |
| ProductCode | REG_SZ | This key is used internally. Users must not modify this key |
| EnableAutoUpdate | REG_DWORD | Used to control plug-in update functionality from the client side. Set to 0 to disable auto-update functionality. Set to 1 to respect ADC configuration. |
| Connected | REG_DWORD | On successful connection this key is set to 1 and else set to 0. This key is used internally. Users must not modify this key. |
| EnableVA | REG_DWORD | If Citrix Virtual adapter must be enabled when IIP is present. This key is used internally. Users must not modify this key. |
| DisableGA | REG_DWORD | Set to 1 to disable Google analytics. |
| DisableCredProv | REG_DWORD | When Always On before user logon is enabled, the Windows VPN plug-in adds the credential provider to display the tunnel status on the logon screen. If you do not need this additional functionality, create and set this registry to 1. |
| ClientControl | REG_DWORD | 1 => Allows users to log out or connect to other gateways. 0 => Blocks users to log out or connect to other gateways. |
| ForcedLogging | REG_DWORD | Set this key to 1 to enable debug logging. |
| NoDHCPRoute | REG_DWORD | If set to 1, the DHCP server route is not added. |
| DisableIntuneDeviceEnrollment | REG_DWORD | If set to 1, Intune device enrollment is not performed. |
| HttpTimeout | REG_DWORD | HTTP timeout is configured in seconds. If timeout is not configured, the default timeout is used. The default timeout value is 100 seconds, based on Windows standards. |
Important:
You can apply registry keys based on your deployments. For example, the AlwaysOnService registry is applicable only for Always on service whereas the ClientControl registry is not applicable for Always on service. Check the individual deployment documentation for more details.
Citrix Gateway VPN client registry keys
In this article
Copied!
Failed!