NetScaler Gateway

Service 12.0 11.1 10.5

NetScaler Gateway Release Notes
About NetScaler Gateway
- NetScaler Gateway Architecture
- How User Connections Work
Common Deployments
- Deploying in the DMZ
- Deploying in the Secure Network
Client Software Requirements
- NetScaler Gateway Plug-in System Requirements
- Endpoint Analysis Requirements
Compatibility with Citrix Products
Licensing
- NetScaler Gateway License Types
- Obtaining Your Platform or Universal License Files
- To install a license on NetScaler Gateway
- Verifying Installation of the Universal License
- Licensing FAQs
Before Getting Started
- Planning for Security
- Prerequisites
- Pre-Installation Checklist
Upgrading
Installing the System
- Configuring NetScaler Gateway
- Using the Configuration Utility
- Policies and Profiles on NetScaler Gateway
- Viewing NetScaler Gateway Configuration Settings
  - Saving the NetScaler Gateway Configuration
  - Clearing the NetScaler Gateway Configuration
- Configuring the NetScaler Gateway by Using Wizards
- Configuring the Host Name and FQDN on NetScaler Gateway
- Installing and Managing Certificates
- Testing Your NetScaler Gateway Configuration
- Creating Virtual Servers
- Configuring IP Addresses on NetScaler Gateway
- Resolving DNS Servers Located in the Secure Network
- Configuring DNS Virtual Servers
- Configuring Name Service Providers
- Configuring Server-Initiated Connections
- Configuring Routing on NetScaler Gateway
- Configuring Auto Negotiation
Authentication and Authorization
- Configuring Default Global Authentication Types
- Configuring Authentication Without Authorization
- Configuring Authorization
  - Configuring Authorization Policies
  - Setting Default Global Authorization
- Disabling Authentication
- Configuring Authentication for Specific Times
- How Authentication Policies Work
  - Configuring Authentication Profiles
  - Binding Authentication Policies
  - Setting Priorities for Authentication Policies
- Configuring Local Users
- Configuring Groups
  - Adding Users to Groups
  - Configuring Policies with Groups
- Configuring LDAP Authentication
  - To configure LDAP authentication by using the configuration utility
  - Determining Attributes in Your LDAP Directory
  - Configuring LDAP Group Extraction
  - Configuring LDAP Group Extraction for Multiple Domains
- Configuring Client Certificate Authentication
  - Configuring and Binding a Client Certificate Authentication Policy
  - Configuring Two-Factor Client Certificate Authentication
  - Configuring Smart Card Authentication
  - Configuring a Common Access Card
- Configuring RADIUS Authentication
  - To configure RADIUS authentication
  - Choosing RADIUS Authentication Protocols
  - Configuring IP Address Extraction
  - Configuring RADIUS Group Extraction
  - Configuring RADIUS user accounting
- Configuring SAML Authentication
  - To configure SAML authentication
  - Auth Improvements for SAML Authentication
- Configuring TACACS+ Authentication
  - Clear Config Basic Should Not Clear TACACS Config
- Configuring Multifactor Authentication
  - Configuring Cascading Authentication
  - Configuring Two-Factor Authentication
- Configuring Single Sign-On
  - Configuring Single Sign-On with Windows
  - Configuring Single Sign-On to Web Applications
  - Configuring Single Sign-On to a Domain
- Configuring One-Time Password Use
  - Configuring RSA SecurID Authentication
  - Configuring Password Return with RADIUS
  - Configuring SafeWord Authentication
  - Configuring Gemalto Protiva Authentication
- nFactor for NetScaler Gateway Authentication
- NetScaler Gateway Visualizer
- Configure Citrix Gateway to use RADIUS and LDAP Authentication with Mobile Devices
- Restrict access to Citrix Gateway for members of one Active Directory group
Optimizing Citrix Gateway VPN split tunnel for Office365
Configuring the VPN User Experience
- How User Connections Work with the NetScaler Gateway Plug-in
- Choosing the User Access Method
- Deploying NetScaler Gateway Plug-ins for User Access
- Selecting the NetScaler Gateway Plug-in for Users
- Integrating the NetScaler Gateway Plug-in with Citrix Receiver
- Customizing the User Portal
  - Prompt users to upgrade older or unsupported browsers by creating a custom page
- Configuring Clientless Access
- Configuring the Client Choices Page
  - Showing the Client Choices Page at Logon
  - Configuring Client Choices Options
- Configuring Access Scenario Fallback
  - Creating Policies for Access Scenario Fallback
- Configuring Connections for the NetScaler Gateway Plug-in
- How a Traffic Policy Works
  - Creating a Traffic Policy
  - Removing Traffic Policies
- Configuring Session Policies
  - Creating a Session Profile
  - Binding Session Policies
- Configuring Endpoint Polices
- Advanced Endpoint Analysis Scans
- Managing User Sessions
- AlwaysON
Configuring NetScaler Gateway
- NetScaler Gateway FAQ
Deploying in a Double-Hop DMZ
- Deploying NetScaler Gateway in a Double-Hop DMZ
- How a Double-Hop Deployment Works
- Communication Flow in a Double-Hop DMZ Deployment
- Preparing for a Double-Hop DMZ Deployment
- Installing and Configuring NetScaler Gateway in a Double-Hop DMZ
Using High Availability
- How High Availability Works
- Configuring Settings for High Availability
  - Creating or Changing an RPC Node Password
  - Configuring the Primary and Secondary Appliances for High Availability
- Configuring Communication Intervals
- Synchronizing NetScaler Gateway Appliances
- Synchronizing Configuration Files in a High Availability Setup
- Configuring Command Propagation
  - Troubleshooting Command Propagation
- Configuring Fail-Safe Mode
- Configuring the Virtual MAC Address
  - Configuring IPv4 Virtual MAC Addresses
  - Configuring IPv6 virtual MAC addresses
- Configuring High Availability Pairs in Different Subnets
  - Adding a Remote Node
- Configuring Route Monitors
  - Adding or Removing Route Monitors
- Configuring Link Redundancy
- Understanding the Causes of Failover
- Forcing Failover from a Node
Using Clustering
- Configuring Clustering
Maintaining and Monitoring the System
- Configuring Delegated Administrators
  - Configuring Command Policies for Delegated Administrators
  - Configuring Custom Command Policies for Delegated Administrators
- Configuring Auditing on NetScaler Gateway
  - Configuring Logs on NetScaler Gateway
  - Configuring ACL Logging
- Enabling NetScaler Gateway Plug-in Logging
- To monitor ICA connections
Integrating with Citrix Products
How Users Connect to Applications, Desktops, and ShareFile
Deploying with XenMobile App Edition, XenApp, and XenDesktop
Accessing XenApp and XenDesktop Resources with the Web Interface
- Integrating NetScaler Gateway with XenApp or XenDesktop
- Establishing a Secure Connection to the Server Farm
- Deploying with the Web Interface
- Setting Up a Web Interface Site to Work
- Configuring Communication with the Web Interface
- Configuring Additional Web Interface Settings on NetScaler Gateway
  - Configuring Web Interface Failover
  - Configuring Smart Card Access with the Web Interface
- Configuring Access to Applications and Virtual Desktops in the Web Interface
- Configuring SmartAccess
- Configuring SmartControl
- Configuring Single Sign-On to the Web Interface
- Allowing File Type Association
  - Creating a Web Interface Site
  - Configuring NetScaler Gateway for File Type Association
Integrate NetScaler Gateway with XenApp and XenDesktop
Integrate NetScaler Gateway with StoreFront
Configuring Settings for Your XenMobile Environment
- Configuring Load Balancing Servers for XenMobile or Citrix Endpoint Management
- Configuring Load Balancing Servers for Microsoft Exchange with Email Security Filtering
- Configuring XenMobile NetScaler Connector (XNC) ActiveSync Filtering
- Allowing Access from Mobile Devices with Citrix Mobile Productivity Apps
- Configuring Domain and Security Token Authentication for XenMobile
- Configuring Client Certificate or Client Certificate and Domain Authentication
Optimizing Network Traffic with CloudBridge
RfWebUI Persona on NetScaler Gateway UX Configuration
RDP Proxy
- Stateless RDP Proxy
NetScaler Gateway Enabled PCoIP Proxy Support for VMware Horizon View
- Configuring NetScaler Gateway Enabled PCoIP proxy for VMWare Horizon View
- Configuring VMware Horizon View Connection Server
HDX Enlightened Data Transport Support
- When to Use Enlightened Data Transport Support
- Configuring NetScaler Gateway to Support Enlightened Data Transport
Microsoft Intune Integration
- When to Use the Integrated Intune MDM Solution
- Understanding the NetScaler Gateway-Intune MDM Integration
- Configuring Network Access Control device check for NetScaler Gateway virtual server for single factor authentication deployment
- Understanding Azure ADAL Token Authentication
- Configuring NetScaler Gateway Virtual Server for Microsoft ADAL Token Authentication
Type of Service Support for UDP traffic
Proxy Auto Configuration for Outbound Proxy support for NetScaler Gateway
Outbound ICA Proxy support
- Configuring Outbound ICA Proxy
Integrate NetScaler Gateway with XenApp and XenDesktop
Native OTP Support for Authentication
Configuring Server Name Indication Extension
Validating the Server Certificate During an SSL Handshake
Using Advance Policy to Create VPN Policies

View PDF

This content has been machine translated dynamically.

Give feedback here

Thank you for the feedback

Citrix Gateway
NetScaler Gateway 12.0

This content has been machine translated dynamically.

Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)

Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)

Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)

此内容已动态机器翻译。放弃

このコンテンツは動的に機械翻訳されています。免責事項

This content has been machine translated dynamically.

This article has been machine translated.

Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)

Ce article a été traduit automatiquement. (Clause de non responsabilité)

Este artículo ha sido traducido automáticamente. (Aviso legal)

この記事は機械翻訳されています.免責事項

이 기사는 기계 번역되었습니다.

Este artigo foi traduzido automaticamente.

这篇文章已经过机器翻译.放弃

Switch to english Auf Englisch anzeigen Lire en anglais Leer en inglés 英語に切り替え 영어로 전환 Mudar para ingles 切换到英文

Translation failed!

Understanding Azure ADAL Token Authentication

October 5, 2020

Contributed by:

S C

Following is the flow of events in a typical NetScaler Gateway-Microsoft ADAL token authentication:

1. When an app is launched in iOS or Android, the app contacts Azure. The user is prompted to log on with user credentials. After a successful logon, the app gets an ADAL token.

2. This ADAL token is presented to a NetScaler Gateway, which has been configured to validate the ADAL token.

3. NetScaler Gateway validates the signature of the ADAL token with the corresponding certificate from Microsoft.

4. After a successful validation, NetScaler Gateway extracts the User’s Principal Name (UPN) and grants the app VPN access to the internal resources.

The official version of this content is in English. Some of the Citrix documentation content is machine translated for your convenience only. Citrix has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Citrix product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Citrix, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Citrix will not be held responsible for any damage or issues that may arise from using machine-translated content.

DIESER DIENST KANN ÜBERSETZUNGEN ENTHALTEN, DIE VON GOOGLE BEREITGESTELLT WERDEN. GOOGLE LEHNT JEDE AUSDRÜCKLICHE ODER STILLSCHWEIGENDE GEWÄHRLEISTUNG IN BEZUG AUF DIE ÜBERSETZUNGEN AB, EINSCHLIESSLICH JEGLICHER GEWÄHRLEISTUNG DER GENAUIGKEIT, ZUVERLÄSSIGKEIT UND JEGLICHER STILLSCHWEIGENDEN GEWÄHRLEISTUNG DER MARKTGÄNGIGKEIT, DER EIGNUNG FÜR EINEN BESTIMMTEN ZWECK UND DER NICHTVERLETZUNG VON RECHTEN DRITTER.

CE SERVICE PEUT CONTENIR DES TRADUCTIONS FOURNIES PAR GOOGLE. GOOGLE EXCLUT TOUTE GARANTIE RELATIVE AUX TRADUCTIONS, EXPRESSE OU IMPLICITE, Y COMPRIS TOUTE GARANTIE D'EXACTITUDE, DE FIABILITÉ ET TOUTE GARANTIE IMPLICITE DE QUALITÉ MARCHANDE, D'ADÉQUATION À UN USAGE PARTICULIER ET D'ABSENCE DE CONTREFAÇON.

ESTE SERVICIO PUEDE CONTENER TRADUCCIONES CON TECNOLOGÍA DE GOOGLE. GOOGLE RENUNCIA A TODAS LAS GARANTÍAS RELACIONADAS CON LAS TRADUCCIONES, TANTO IMPLÍCITAS COMO EXPLÍCITAS, INCLUIDAS LAS GARANTÍAS DE EXACTITUD, FIABILIDAD Y OTRAS GARANTÍAS IMPLÍCITAS DE COMERCIABILIDAD, IDONEIDAD PARA UN FIN EN PARTICULAR Y AUSENCIA DE INFRACCIÓN DE DERECHOS.

本服务可能包含由 Google 提供技术支持的翻译。Google 对这些翻译内容不做任何明示或暗示的保证，包括对准确性、可靠性的任何保证以及对适销性、特定用途的适用性和非侵权性的任何暗示保证。

このサービスには、Google が提供する翻訳が含まれている可能性があります。Google は翻訳について、明示的か黙示的かを問わず、精度と信頼性に関するあらゆる保証、および商品性、特定目的への適合性、第三者の権利を侵害しないことに関するあらゆる黙示的保証を含め、一切保証しません。

ESTE SERVIÇO PODE CONTER TRADUÇÕES FORNECIDAS PELO GOOGLE. O GOOGLE SE EXIME DE TODAS AS GARANTIAS RELACIONADAS COM AS TRADUÇÕES, EXPRESSAS OU IMPLÍCITAS, INCLUINDO QUALQUER GARANTIA DE PRECISÃO, CONFIABILIDADE E QUALQUER GARANTIA IMPLÍCITA DE COMERCIALIZAÇÃO, ADEQUAÇÃO A UM PROPÓSITO ESPECÍFICO E NÃO INFRAÇÃO.

This content has been machine translated dynamically.

Give feedback here

Thank you for the feedback

Citrix Gateway
NetScaler Gateway 12.0

Understanding Azure ADAL Token Authentication

October 5, 2020

Contributed by:

S C

October 5, 2020

Contributed by:

S C

Understanding Azure ADAL Token Authentication

In this article