Add Citrix Gateway
Add a NetScaler Gateway to provide remote accesss and authentication to StoreFront.
Pre-requisites
-
A hardware or software NetScaler ADC.
-
The NetScaler ADC can access the StoreFront server or load balancer by FQDN.
-
Create DNS records for the FQDN that will be used to access StoreFront via the gateway.
-
A server certificate for the Gateway which is valid for the gateway FQDN.
-
Authentication server details.
Configure NetScaler ADC
-
Log into NetScaler ADC web interface.
-
Under Integrate with Citrix Products choose XenApp and XenDesktop.
-
If you do not have any gateways already configured the click Get Started, otherwise click Create New Gateway.
-
Choose StoreFront and click Cointinue.
-
On the Citrix Gateway step, enter:
-
The Gateway FQDN as the FQDN which users will enter access StoreFront via the gaetway.
-
The IP address you would like to use for the Gateway virtual server.
-
The Port on which the Gateway will listen for conenctions, normally 443.
-
Tick Redirect requests from port 80 to secure port.
Press Continue
-
-
On the Server Certificate step, import a server certificate which is valid for the gateway FQDN.
Click Continue
-
On the StoreFront step:
-
Enter the URL of the StoreFront server or load balancer.
-
Press Retrieve Stores then select the Receiver for Web you wish to provide access to.
-
Enter the default active directory domain used when users log on. Users can override this by entering a specific domain.
-
Enter at least one Security Ticket Authority URL. If using Citrix Virtual Apps and Desktops, normally this will be the URLs of the delivery controllers. If using Citrix Desktops as a Service, enter the URL of the cloud connectors.
- Normally it is recommended for NetScaler to authenticate users then single-sign-on to StoreFront. Alternatively you can tick Use this StoreFront server for authentication. This exposes the StoreFront authentication pages to the user.
- On the authentication step:
- Select a value from the Choose Authentication Type drop down. The availble options are:
- Domain
- RSA
- SMS
- Smart Card
- RSA + Domain
- StoreFront Auth
- RSA + StoreFront Auth
If you wish to use other authentication methods such as SAML then these must be configured Other authentication options must be configured outside of this wizard.
If you choose StoreFront Auth or RSA + StoreFront Auth then NetScaler leaves it to StoreFront authenticating the user. In this case you must disable token consistency.
- Fill in the details according to the authentication type chosen.
Click Continue.
-
Press Done to take you to the dashboard.
-
Next to the StoreFront server, click the download icon to download a configuration file that you can import into StoreFront.
-
Configure StoreFront
The simplest way to configure StoreFront is to export a configuration file from NetScaler and import it into StoreFront, see Import a Citrix Gateway.
Alternatively you can manually Add NetScaler Gateway