-
How User Connections Work with the NetScaler Gateway Plug-in
-
Establishing the Secure Tunnel
-
-
Integrating the NetScaler Gateway Plug-in with Citrix Receiver
Thank you for the feedback
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已动态机器翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This content has been machine translated dynamically.
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.
Este artigo foi traduzido automaticamente.
这篇文章已经过机器翻译.放弃
Translation failed!
Establishing the Secure Tunnel
When users connect with the NetScaler Gateway Plug-in, Worx Home, or Citrix Receiver, the client software establishes a secure tunnel over port 443 (or any configured port on NetScaler Gateway) and sends authentication information. When the tunnel is established, NetScaler Gateway sends configuration information to the NetScaler Gateway Plug-in, Worx Home, or Receiver describing the networks to be secured and containing an IP address if you enable address pools.
Tunneling Private Network Traffic over Secure Connections
When the NetScaler Gateway Plug-in starts and the user is authenticated, all network traffic destined for specified private networks is captured and redirected over the secure tunnel to NetScaler Gateway. Receiver must support the NetScaler Gateway Plug-in to establish the connection through the secure tunnel when users log on.
Worx Home, Worx Mail, and WorxWeb use Micro VPN to establish the secure tunnel for iOS and Android mobile devices.
NetScaler Gateway intercepts all network connections that the user device makes and multiplexes them over Secure Sockets Layer (SSL) to NetScaler Gateway, where the traffic is demultiplexed and the connections are forwarded to the correct host and port combination.
The connections are subject to administrative security policies that apply to a single application, a subset of applications, or an entire intranet. You specify the resources (ranges of IP address/subnet pairs) that remote users can access through the VPN connection.
The NetScaler Gateway Plug-in intercepts and tunnels the following protocols for the defined intranet applications:
- TCP (all ports)
- UDP (all ports)
- ICMP (types 8 and 0 - echo request/reply)
Connections from local applications on the user device are securely tunneled to NetScaler Gateway, which reestablishes the connections to the target server. Target servers view connections as originating from the local NetScaler Gateway on the private network, thus hiding the user device. This is also called reverse Network Address Translation (NAT). Hiding IP addresses adds security to source locations.
Locally, on the user device, all connection-related traffic, such as SYN-ACK, PUSH, ACK, and FIN packets, is recreated by the NetScaler Gateway Plug-in to appear from the private server.
Thank you for the feedback
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.