Product Documentation

Configuring Settings with the Quick Configuration Wizard

You can configure settings in NetScaler Gateway to enable communication with App Controller, StoreFront, or Web Interface by using the Quick Configuration wizard. When you complete the configuration, the wizard creates the correct policies for communication between NetScaler Gateway, App Controller, StoreFront, or the Web Interface. These policies include authentication, session, and clientless access policies. When the wizard completes, the policies are bound to the virtual server.

When you complete the Quick Configuration wizard, NetScaler Gateway can communicate with App Controller or StoreFront, and users can access their Windows-based applications and virtual desktops and web, SaaS, and mobile apps. Users can then connect directly to App Controller.

During the wizard, you configure the following settings:

  • Virtual server name, IP address, and port
  • Redirection from an unsecure to a secure port
  • Certificates
  • LDAP server
  • RADIUS server
  • Client certificate for authentication (only for two-factor authentication)
  • App Controller, StoreFront, or Web Interface

The Quick Configuration wizard supports LDAP, RADIUS, and client certificate authentication. You can configure two-factor authentication in the wizard by following these guidelines:

  • If you select LDAP as your primary authentication type, you can configure RADIUS as the secondary authentication type.
  • If you select RADIUS as your primary authentication type, you can configure LDAP as the secondary authentication type.
  • If you select client certificates as your primary authentication type, you can configure LDAP or RADIUS as the secondary authentication type.

You cannot create multiple LDAP authentication policies by using the Quick Configuration wizard. For example, you want to configure one policy that uses sAMAccountName in the Server Logon Name Attribute field and a second LDAP policy that uses the User Principal Name (UPN) in the Server Logon Name Attribute field. To configure these separate policies, use the NetScaler Gateway configuration utility to create the authentication policies. For more information, see Configuring LDAP Authentication.

You can configure certificates for NetScaler Gateway in the Quick Configuration wizard by using the following methods:

  • Select a certificate that is installed on the appliance.
  • Install a certificate and private key.
  • Select a test certificate. Note: If you use a test certificate, you must add the fully qualified domain name (FQDN) that is in the certificate.

You can open the Quick Configuration wizard in one of the following two ways:

  • When you are on the NetScaler Gateway logon page and select NetScaler Gateway in Deployment Type, the Home tab appears. If you select any other option in Deployment Type, the Home does not appear.
  • From the link Create/Monitor NetScaler Gateway in the NetScaler Gateway details pane. The link appears if you install a license that enables NetScaler features. If you license the appliance for NetScaler Gateway only, the link does not appear.

After you initially run the wizard, you can run the wizard again to create additional virtual servers and settings.

Important: If you use the Quick Configuration wizard to configure an additional NetScaler Gateway virtual server, you must use an unique IP address. You cannot use the same IP address that is used on an existing virtual server. For example, you have a virtual server with the IP address 192.168.10.5 with a port number of 80. You run the Quick Configuration wizard to create a second virtual server with the IP address 192.168.10.5 with port number 443. When you try to save the configuration, an error occurs.

To configure settings with the Quick Configuration wizard

  1. In the configuration utility, do one of the following:
    1. If the appliance is licensed for NetScaler Gateway only, click the Home tab.
    2. If the appliance is licensed to include NetScaler features, on the Configuration tab, in the navigation pane, click NetScaler Gateway and then in the details pane, under Getting Started, click Configure NetScaler Gateway for Enterprise Store.
  2. In the dashboard, click Create New NetScaler Gateway.
  3. In NetScaler Gateway Settings, configure the following:
    1. In Name, type a name for the virtual server.
    2. In IP address, type the IP address for the virtual server.
    3. In Port, type the port number. The default port number is 443.
    4. Select Redirect requests from port 80 to secure port to allow user connections from port 80 to go to port 443.
  4. Click Continue.
  5. On the Certificate page, do one of the following:
    1. Click Choose Certificate and then in Certificate, select the certificate.
    2. Click Install Certificate and then in Choose Certificate and in Choose Key, click Browse to navigate to the certificate and private key.
    3. Click Use Test Certificate and then in Certificate FQDN enter the fully qualified domain name (FQDN) contained in the test certificate.
  6. Click Continue.
  7. In Authentication Settings, do the following:
    1. In Primary Authentication, select LDAP, RADIUS, or Cert.
    2. Select an authentication server or configure the settings for the authentication type you selected in the previous step. If you select Cert, either select the client certificate or install a new client certificate.
    3. In Secondary Authentication, select the authentication type and then configure the authentication server settings.
  8. Click Continue.

When you finish configuring the network and authentication settings, you can then configure XenMobile (App Controller) or XenApp / XenDesktop (StoreFront or Web Interface) settings.

Configuring Enterprise Store Settings

NetScaler Gateway supports user access to web, SaaS, and mobile apps and ShareFile only through App Controller. If you also deploy StoreFront or the Web Interface, users have access to Windows-based apps and virtual desktops. You can configure settings for the following options:

  • App Controller only
  • StoreFront only
  • App Controller and StoreFront together
  • Web Interface only

When you click Continue from the preceding procedure, you can then configure the settings for your deployment scenario. The following procedures start on the Citrix Integration Settings page.

After you create the virtual server, editing the virtual server in the Quick Configuration wizard does not allow you to change XenMobile or XenApp/XenDesktop settings.

For example, if you cancel the configuration of a virtual server at any stage before configuring the Citrix Enterprise Store settings, the wizard automatically selects the Web interface without configuring any settings. When this situation occurs, you can edit the virtual server details for configuring the Web Interface, but you cannot switch to XenMobile. To switch, you must create a new virtual server and must not cancel the wizard at any time during the configuration. If you do not need the Web Interface virtual server, you can delete it by using the Quick Configuration wizard.

To configure settings for StoreFront only

  1. Click XenApp / XenDesktop.
  2. In Deployment Type, select StoreFront.
  3. In StoreFront FQDN, enter the fully qualified domain name (FQDN) of the StoreFront server.
  4. In Receiver for Web Path, leave the default path or enter your own path.
  5. Select HTTPS for secure user connections.
  6. In Single Sign-on Domain, enter the domain for StoreFront.
  7. In STA URL, enter the complete IP address or FQDN of the server running the Secure Ticket Authority (STA) if you deploy StoreFront and provide access to published applications from XenApp or virtual desktops from XenDesktop.
  8. Click Done.

When users connect through NetScaler Gateway to StoreFront, users can start their apps and desktops from either Receiver for Web or Receiver.

To configure settings for App Controller only

  1. Click XenMobile.
  2. In App Controller FQDN, enter the FQDN for App Controller.
  3. Click Done.

To configure Web Interface settings

  1. In the Quick Configuration wizard, click XenApp / XenDesktop.
  2. In Deployment Type, select Web Interface and then configure the following:
    1. In XenApp Site URL, type the complete IP address or FQDN of the Web Interface.
    2. In XenApp Services Site URL, type the complete IP address or FQDN of the Web Interface with the PNAgent Path. You can enter the default path or enter your own path.
    3. In Single Sign-on Domain, enter the domain to use.
    4. In STA URL, type the complete IP address or FQDN of the server running the STA.
  3. Click Done.

Configuring Settings with the Quick Configuration Wizard