Product Documentation

NetScaler Gateway and XenMobile

Feb 12, 2016

When you configure NetScaler Gateway using XenMobile, you establish the authentication mechanism for remote device access to the internal network. This functionality enables apps on an mobile device to access corporate servers located in the intranet by creating a micro VPN from the apps on the device to NetScaler Gateway. You configure NetScaler Gateway in the XenMobile console.

Note: See Configuring Settings for Your XenMobile Environment for information on setting up NetScaler Gateway for XenMobile on NetScaler.

To configure NetScaler Gateway

  1. In the XenMobile web console, click Configure > Settings > More > NetScaler Gateway.



  2. In Authentication, select ON.



  3. If you want XenMobile to share the authentication certificate with Worx Home so that the NetScaler Gateway handles client certificate authentication, in Deliver user certificate for authentication, select ON.
  4. In the Credential Provider list, click the credential provider. For more information, see Credential Providers.
  5. Click Save.

To add a new NetScaler Gateway instance

  1. In the XenMobile web console, click Configure > Settings > More > NetScaler Gateway.
  2. Above the table, click Add. The Add New NetScaler Gateway page appears.



  3. In Name, enter a name for the NetScaler Gateway instance.
  4. In Alias, optionally include an alias.
  5. In External URL, enter the publicly accessible URL for NetScaler Gateway. For example, https://receiver.com.
  6. In the Logon Type list, click a logon type. Types include Domain only, Security token only, Domain and security token, Certificate, Certificate and domain, and Certificate and security token. By default, the logon type is set to Domain only.  If you have multiple domains, Domain only will not work, you have to use Certificate and domain.  For some options, for example, for Domain only, you cannot change the Password field. For this logon type, the field is always ON. In addition, the default values for the Password Required field change based on the selected Logon Type.
  7. In Password Required, select ON if you want to require password authentication.
  8. In Set as Default, select ON to use this NetScaler Gateway as the default.
  9. Click Save. The new NetScaler Gateway is added and appears in the table. You can edit or delete an instance by clicking the name in the list.



After adding the NetScaler Gateway instance, you can add a callback URL and a specify a NetScaler Gateway VPN virtual IP address. Note: This is optional, but can be configured for additional security, especially when the XenMobile server is in the DMZ.

  1. In the NetScaler Gateway screen, select the NetScaler Gateway in the table, and click Add.
  2. On the Add New NetScaler Gateway page, in the table listing callback URLs, click Add.



  3. Specify the Callback URL. This field represents the fully qualified domain name (FQDN) and verifies that the request originated from NetScaler Gateway



  4. Enter the NetScaler Gateway Virtual IP address and then click Save.