Product Documentation

Testing Your NetScaler Gateway Configuration

Jan 22, 2014

After you configure the initial settings on NetScaler Gateway, you can test your settings by connecting to the appliance.

To test the NetScaler Gateway settings, create a local user account. Then, using either the virtual server IP address or the fully qualified domain name (FQDN) of the appliance, open a web browser and type the web address. For example, in the address bar, type https://my.company.com or https://192.168.96.183.

At the logon screen, enter the user name and password of the user account you created earlier. After you log on, you are prompted to download and install the NetScaler Gateway Plug-in.

After you install and then successfully connect with the NetScaler Gateway Plug-in, the Access Interface appears. The Access Interface is the default home page for NetScaler Gateway.

Creating a new user account by using the configuration utility

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway > User Administration, and then click AAA Users.
  2. In the details pane, click Add.
  3. In User Name, type the user name.
  4. If using local authentication, clear the External Authentication check box. Authenticating users with external authentication types, such as LDAP or RADIUS, is the default. If you clear this check box, NetScaler Gateway authenticates users.
  5. In Password and Confirm Password, type the password for the user, click Create and then click Close.

When you add users by using the configuration utility, you can bind the following policies to the user:

  • Authorization
  • Traffic, session, and auditing
  • Bookmarks
  • Intranet applications
  • Intranet IP addresses

If you have problems logging on with the test user account, check the following:

  • If you receive a certificate warning, either a test certificate or an invalid certificate is installed on NetScaler Gateway. If a certificate signed by a Certificate Authority (CA) is installed on the appliance, make sure that there is a corresponding root certificate on the user device.
  • If you used a CA-signed certificate, verify that you generated the site certificate correctly by using the signed Certificate Signing Request (CSR), and that the Distinguished Name (DN) data entered in the CSR is accurate. The problem may also be that the host name does not match the IP address that is on the signed certificate. Check that the configured certificate’s common name corresponds to the configured virtual server IP address information.
  • If the logon screen does not appear or if any other error message appears, review the setup process and confirm that you performed all steps correctly and entered all parameters accurately.