Product Documentation

Configuring Access to Applications and Virtual Desktops in the Web Interface

Feb 05, 2014

You can configure NetScaler Gateway to give users access to published applications and virtual desktops with the NetScaler Gateway Plug-in instead of with Receiver. To configure access to applications and desktops, you change the configuration on NetScaler Gateway from using Receiver only to connect to NetScaler Gateway, to a configuration that enables connections by using the NetScaler Gateway Plug-in with single sign-on to the Web Interface. For example, you configure NetScaler Gateway so that all users connect with the NetScaler Gateway Plug-in and use the Web Interface as the home page. This scenario supports single sign-on to the Web Interface.

In addition to access to applications and desktops, users can also run applications installed on the user device that make network connections through the VPN tunnel.

To start the configuration, use the following guidelines:

  • Create a Web Interface site.
  • Configure Advanced Access Control settings.
  • Configure SmartAccess.
  • Configure endpoint analysis on NetScaler Gateway.
  • Configure policies and filters on Citrix XenApp and XenDesktop.
  • Configure NetScaler Gateway so users log on by using the NetScaler Gateway Plug-in to access published applications and virtual desktops.

For more information, see the following topics in Citrix eDocs:

When configuring user logon to XenApp and XenDesktop, you first create a session profile to select the NetScaler Gateway Plug-in for Windows. Then, you create a profile for intranet applications for access to XenApp, XenDesktop, and the Web Interface.

To configure global settings for the NetScaler Gateway Plug-in for access to applications and desktops

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway and then click Global Settings.
  2. In the details pane, under Settings, click Change global settings.
  3. On the Published Applications tab, next to ICA Proxy, select OFF.
  4. In Web Interface Address, type the URL of the Web Interface site. This becomes the home page for users.
  5. In Single Sign-On Domain, type the Active Directory domain name.
  6. On the Client Experience tab, next to Plug-in Type, select Windows/Mac OS X and then click OK.

To configure the intranet application

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway > Resources and then click Intranet Applications.
  2. In the details pane, click Add.
  3. In Name, type a name for the application.
  4. Click Transparent.
  5. In Protocol, select the TCP, UDP, or Any.
  6. In Destination Type, select IP Address and Netmask . For example, type 172.16.100.0 and the subnet mask 255.255.255.0 to represent all servers on the 172.16.100.x subnet. The IP address of the Web Interface, XenApp, and all other servers to which users connect must be in one of the subnets defined as an intranet application.

    After you create the intranet application, you can bind it globally or to a virtual server.

  7. In IP Address and NetMask, type the IP address and subnet mask that represents your internal network, click Create and then click Close.

    After you create the intranet application, you can bind it globally or to a virtual server.

To bind an intranet application globally

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway and then click Global Settings.
  2. In the details pane, under Intranet Applications, click Create mappings to TCP applications in the secure network for the NetScaler Gateway Plug-in for Java.
  3. In the Configure VPN Intranet Applications dialog box, click Add.
  4. Under Available, select one or more intranet applications, click the arrow to move the intranet applications to Configured and then click OK.

To bind an intranet application to a virtual server

  1. In the configuration utility, on the Configuration tab, in the navigation pane, expand NetScaler Gateway and then click Virtual Servers.
  2. In the details pane, select a virtual server and then click Open.
  3. In the Configure NetScaler Gateway Virtual Server dialog box, click the Intranet Applications tab.
  4. Under Available Application Name, select the intranet applications, click Add and then click OK.

When users log on with the NetScaler Gateway Plug-in, the VPN tunnel is established and either Receiver or the Web Interface is used as the home page.