Citrix SD-WAN

Customize the plug-in MSI file

You can change parameters in the WANOP Client Plug-in distribution file, which is in the standard Microsoft Installer (MSI) format. Customization requires the use of an MSI editor.

Note

The altered parameters in your edited. MSI file apply only to new installations. When existing plug-in users update to a new release, their existing settings are retained. Therefore, after changing the parameters, you should advise your users to uninstall the old version before installing the new one.

Best Practices:

Create a DNS entry that resolves to the nearest plug-in-enabled appliance. For example, define “Repeater.mycompany.com” and have it resolve to your appliance, if you have only one appliance. Or, if you have, say, five appliances, have Repeater.mycompany.com resolve to one of your five appliances, with the appliance selected on the basis of closeness to the client or to the VPN unit. For example, a client using an address associated with a particular VPN should see Repeater.mycompany.com resolve to the IP address of the WANOP Client Plug-in appliance connected to that VPN . Build this address into your plug-in binary with an MSI editor, such as Orca. When you add, move, or remove appliances, changing this single DNS definition on your DNS server updates the appliance list on your plug-ins automatically.

You can also have the DNS entry resolve to multiple appliances, but this is undesirable unless all appliances are configured identically, because the plug-in takes some of it characteristics from the leftmost appliance in the list and applies them globally (including SSL compression characteristics). This can lead to undesirable and confusing results, especially if the DNS server rotates the order of IP addresses for each request.

Install the Orca MSI Editor:

There are many MSI editors such as Orca, which is part of Microsoft’s free Platform SDK and can be downloaded from Microsoft.

  • To install the Orca MSI Editor

    1. Download the PSDK-x86.exe version of the SDK and execute it. Follow the installation instructions.

    2. Once the SDK is installed, the Orca editor must be installed. It will be under Microsoft Platform SDK\Bin\Orca.Msi. Launch Orca.msi to install the actual Orca editor (orca.exe).

    3. Running Orca–Microsoft provides its Orca documentation online. The following information describes how to edit the most important WANOP Client Plug-in Plug-in parameters.

    4. Launch Orca with Start > All Programs > Orca. When a blank Orca window appears, open the WANOP Client Plug-in Plug-in MSI file with File > Open.

      Figure 1. Using Orca

      localized image

    5. On the Tables menu, click Property. A list of all the editable properties of the .MSI file appears. Edit the parameters shown in the following table. To edit a parameter, double-click on its value, type the new value, and press Enter.

      Parameter Description Default Comments
      WSAPPLIANCES List of appliances None Enter the IP or DNS addresses of your WANOP appliances here, in a comma-separated list in the form of { appliance1, appliance2, appliance3 } . If the port used for signaling connections is different from the default (443), specify the port in the form Appliance1:port_number .
      DBCMINSIZE Minimum amount of disk space to use for compression, in megabytes 250 Changing this to a larger value (for example, 2000) improves compression performance but prevents installation if there is not enough disk space. The plug-in will not install unless there is at least 100 MB of free disk space in addition to the value that you specify for DBCMINSIZE.
      EKEYPEM Private key for the plug-in. Part of the certificate/key pair used with SSL compression None Use Orca’s Paste Cell command. The normal Paste function does not preserve the key’s format. Should be a private key in PEM format (starting with —–BEGIN RSA PRIVATE KEY—– )
      X509CERTPEM Certificate for the plug-in. Part of the certificate/key pair used with SSL compression None Use Orca’s Paste Cell command. The normal Paste function does not preserve the key’s format. Should be a certificate in PEM format (starting with —–BEGIN CERTIFICATE —– )
      CACERTPEM Certification Authority Certificate for the plug-in. Used with SSL compression None Use Orca’s Paste Cell command. The normal Paste function does not preserve the key’s format. Should be a certificate in PEM format (starting with —–BEGIN CERTIFICATE —– )
    6. On the Tables menu, click Property. A list of all the editable properties of the .MSI file appears. Edit the parameters shown in the following table. To edit a parameter, double-click on its value, type the new value, and press Enter.

      Parameter Description Default Comments
      WSAPPLIANCES List of appliances None Enter the IP or DNS addresses of your WANOP Client Plug-in appliances here, in a comma-separated list in the form of { appliance1, appliance2, appliance3 } . If the port used for signaling connections is different from the default (443), specify the port in the form Appliance1:port_number .
      DBCMINSIZE Minimum amount of disk space to use for compression, in megabytes 250 Changing this to a larger value (for example, 2000) improves compression performance but prevents installation if there is not enough disk space. The plug-in will not install unless there is at least 100 MB of free disk space in addition to the value that you specify for DBCMINSIZE.
      PRIVATEKEYPEM Private key for the plug-in. Part of the certificate/key pair used with SSL compression None Use Orca’s Paste Cell command. The normal Paste function does not preserve the key’s format. Should be a private key in PEM format (starting with —–BEGIN RSA PRIVATE KEY—– )
      X509CERTPEM Certificate for the plug-in. Part of the certificate/key pair used with SSL compression None Use Orca’s Paste Cell command. The normal Paste function does not preserve the key’s format. Should be a certificate in PEM format (starting with —–BEGIN CERTIFICATE —– )
      CACERTPEM Certification Authority Certificate for the plug-in. Used with SSL compression None Use Orca’s Paste Cell command. The normal Paste function does not preserve the key’s format. Should be a certificate in PEM format (starting with —–BEGIN CERTIFICATE —– )
    7. When done, use the File: Save As command to save your edited file with a new filename; for example, test.msi.

      Figure 2: Editing Parameters in Orca:

      localized image

    8. When done, use the File: Save As command to save your edited file with a new filename; for example, test.msi.

      Your plug-in software has now been customized.

      Note

      Some users have seen a bug in orca that causes it to truncate files to 1 MB. Check the size of the saved file. If it has been truncated, make a copy of the original file and use the Save command to overwrite the original.

      Once you have customized the appliance list with Orca and distributed the customized MSI file to your users, the user does not need to type in any configuration information when installing the software.

Customize the plug-in MSI file