Create a single FQDN used internally and externally

You can create a single fully qualified domain name (FQDN) that can access a store directly from within your corporate network and remotely via a NetScaler Gateway.

In the following document, it uses as examples:

  • as the single URL used for users to access StoreFront. When inside the network it resolves to the StoreFront server or load balancer. When outside the network it resolves to the gateway.
  • as the callback url. This resolves internally to the gateway. This is only required for smart access or password-less authentication.

Server Group base URL

Change the base URL to be the single URL. See Change the base URL for a deployment.

StoreFront beacons for Citrix Workspace app

Citrix Workspace app attempts to contact beacon points and uses the responses to determine whether users are connected to local or public networks.

By default, StoreFront uses the server group base URL as the internal becon URL. In this configuration, the same URL is valid both internally and externally so cannot be used as a becaon. Therefore, you must set the internal beacon to a URL that you know is only accessable internally.

See Configure beacon.

External DNS

  • resolves to the externally facing IP of the NetScaler gateway Virtual Server.

Internal DNS

  • resolves to the storefront load balancer or single StoreFront server IP.
  • resolves to the gateway vServer VIP. If a firewall exists between the DMZ and the enterprise local network, allow for this.
Create a single FQDN used internally and externally