You configure interception rules for user connections on NetScaler Gateway by using Intranet Applications. By default, when you configure the system IP address, a mapped IP address, or a subnet IP address on the appliance, subnet routes are created based on these IP addresses. Intranet applications are created automatically based on these routes and can be bound to a virtual server. If you enable split tunneling, you must define intranet applications in order for client interception to occur.
You can configure intranet applications by using the configuration utility. You can bind intranet applications to users, groups, or virtual servers.
If you enable split tunneling and users connect by using WorxWeb or WorxMail, when you configure client interception, you must add the IP addresses for App Controller and your Exchange server. If you do not enable split tunneling, you do not need to configure the App Controller and Exchange IP addresses in Intranet Applications.