-
-
-
-
-
-
Configuring uberAgent Proxy Settings for LAS Licensing
-
Building a Browser Extension Inventory Report (Chrome/Edge/Firefox)
-
Internet Explorer - Distinguish Standalone and Edge IE Mode Starts
-
-
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configuring uberAgent Proxy Settings for LAS Licensing
Citrix License Activation Service (LAS) requires uberAgent to establish outbound HTTP connections to specific Citrix LAS backends on the internet. While granting general internet access from all endpoints is often not possible due to security or compliance reasons, it is important to note that uberAgent only requires connections to specific, region-based targets. Unrestricted internet access is not required. By setting up a proxy that is limited to accept and forward connections to the Citrix LAS backends only, customers can efficiently operate uberAgent without granting full internet access to endpoints.
Starting with uberAgent 8.0, it is possible to configure the agent to use a proxy server for specific resources. This allows a secure setup where:
- Endpoints do not have direct internet access.
- All Citrix LAS licensing traffic is routed through a proxy.
- The proxy only allows connections to the required LAS backends and blocks all other destinations.
Setting Up the Necessary Configurations
This article walks you through an example configuration for the use case described above, following the principles outlined here. Please note that setting up the proxy itself is not covered in this practice guide.
Identify Your Citrix LAS Backends
As a first step, you need to identify which LAS licensing backend is required in your environment. To do so, verify in which region your Citrix Cloud ID is based. As outlined in the firewall exclusions, Citrix operates multiple LAS backends for different regions. Choose from the following LAS backends based on the region of your Citrix Cloud ID.
| Protocol | Target | Region |
|---|---|---|
| HTTPS | https://api.cloud.com |
US, EU, APS |
| HTTPS | https://api-us.cloud.com |
US, EU, APS |
| HTTPS | https://api.citrixcloud.jp |
Japan |
Note:
In this article, we assume that our Citrix Cloud ID is based in the US. Therefore, we are interested in the two URLs
https://api.cloud.comandhttps://api-us.cloud.com. As mentioned before, a proxy can be configured so that it only permits outbound connections to the defined LAS backends and denies all other external destinations.
Configure Destination-to-Proxy Mappings
Now that the required LAS backends have been identified and the proxy is ready to process incoming requests, uberAgent has to be configured. To do so, open your uberAgent.conf and add the stanza [Proxy_List] including both targets. The configuration makes use of URL_REGEX. This means that the two URLs have to be converted into the appropriate syntax. Sticking with the example above and assuming our proxy server is proxy.customer.com, the configuration to add is:
[Proxy_List]
api\.cloud\.com = proxy.customer.com
api-us\.cloud\.com = proxy.customer.com
<!--NeedCopy-->
With the configuration shown above, only LAS-related communication is routed through the proxy; other HTTP communication, for example to on-premises backends, is not sent to the proxy.
Configure Proxy Authentication (optional)
If your proxy requires authentication, add the [Proxy_Auth] stanza to the configuration shown above:
[Proxy_Auth]
proxy.customer.com = user:password
<!--NeedCopy-->
Note:
uberAgent supports reading credentials as plain text, obfuscated via uAEncrypt, and from the operating system’s credential store. If uberAgent does not find authentication information in this stanza for a proxy that is configured in
[Proxy_List], it will try to establish a connection without authentication.
Distribute the Configuration
As a final step, the updated uberAgent configuration (uberAgent.conf) has to be distributed to your endpoints. To do so, use one of uberAgent’s configuration options that best suits your needs.
Share
Share
In this article
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select I DO NOT AGREE to exit.