Product Documentation

Pre-Installation Checklist

Nov 02, 2015

You can use this checklist to note the prerequisites and settings for installing XenMobile. Each task or note includes a column indicating the component or function for which the requirement applies. For installation steps, see Installing XenMobile.

Basic Network Connectivity

The following are the network settings you need for the XenMobile solution.

Prerequisite or setting Component or function Note the setting
 

Note the fully qualified domain name (FQDN) to which remote users connect.

XenMobile

NetScaler Gateway

 
 

Note the public and local IP address.

You need these IP addresses to configure the firewall to set up network address translation (NAT).

XenMobile

NetScaler Gateway

 
 

Note the subnet mask.

XenMobile

NetScaler Gateway

 

Note the DNS IP addresses.

XenMobile

NetScaler Gateway

 
 

Write down the WINS server IP addresses (if applicable).

NetScaler Gateway

 
 

Identify and write down the NetScaler Gateway host name.

Note: This is not the FQDN. The FQDN is contained in the signed server certificate that is bound to the virtual server and to which users connect. You can configure the host name by using the Setup Wizard in NetScaler Gateway.

NetScaler Gateway

 
 

Note the IP address of XenMobile.

Reserve one IP address if you install one instance of XenMobile.

If you configure a cluster, note all of the IP addresses you need.

XenMobile

 
 
  • One public IP address configured on NetScaler Gateway
  • One external DNS entry for NetScaler Gateway

NetScaler Gateway

 
 

Note the web proxy server IP address, port, proxy host list, and the administrator user name and password. These settings are optional if you deploy a proxy server in your network (if applicable).

Note: You can user either the sAMAccountName or the User Principal Name (UPN) when configuring the user name for the web proxy.

XenMobile

NetScaler Gateway

 
 

Note the default gateway IP address.

XenMobile

NetScaler Gateway

 
 

Note the system IP (NSIP) address and subnet mask.

NetScaler Gateway

 
 

Note the subnet IP (SNIP) address and subnet mask.

NetScaler Gateway

 

Note the NetScaler Gateway virtual server IP address and FQDN from the certificate.

If you need to configure multiple virtual servers, note all of the virtual IP addresses and FQDNs from the certificates.

NetScaler Gateway

 
 

Note the internal networks that users can access through NetScaler Gateway.

Example: 10.10.0.0/24

Enter all internal networks and network segments that users need access to when they connect with Worx Home or the NetScaler Gateway Plug-in when split tunneling is set to On.

NetScaler Gateway

 
  Make sure that the network connectivity between the XenMobile server, NetScaler Gateway, the external Microsoft SQL Server, and the DNS server are reachable. XenMobile

NetScaler Gateway

 

Licensing

XenMobile requires you to purchase licensing options for NetScaler Gateway and XenMobile. For more information about Citrix Licensing, see The Citrix Licensing System.

Prerequisite Component Note the location
 

Obtain Universal licenses from the Citrix web site. For details, see Installing NetScaler Gateway Licenses.

NetScaler Gateway

XenMobile

Citrix License Server

 

Certificates

XenMobile and NetScaler Gateway require certificates to enable connections with other Citrix products and app and from user devices. For details, see Certificates in XenMobile.

Prerequisite Component Notes
 

Obtain and install required certificates.

XenMobile

NetScaler Gateway

 

Ports

You need to open ports to allow communication with the XenMobile components. For a complete list of ports you need to open, see XenMobile Port Requirements.

Prerequisite Component Notes
 

Open ports for XenMobile

XenMobile

NetScaler Gateway

 

Database

You need to configure a database connection. The XenMobile repository requires a Microsoft SQL Server database running on one of the following supported versions: Microsoft SQL Server 2014, SQL Server 2012, SQL Server 2008 R2, or SQL Server 2008. Citrix recommends using Microsoft SQL remotely. PostgreSQL is included with XenMobile and should be used locally or remotely only in test environments.

Prerequisite Component Note the setting
 

Microsoft SQL Server IP address and port.

Make sure the service account of the SQL Server to be used on XenMobile has the DBcreator role permission.

Before installing a XenMobile server in FIPS mode, you need to complete prerequisites with SQL Server. For details, see Configuring FIPS with XenMobile.

XenMobile

 

Active Directory Settings

Prerequisite Component Note the setting
 

Note the Active Directory IP address and port for the primary and secondary servers.

If you use port 636, install a root certificate from a CA on XenMobile, and change the Use secure connections option to Yes.

XenMobile

NetScaler Gateway

 
 

Note the Active Directory domain name.

XenMobile

NetScaler Gateway

 
 

Note the Active Directory service account, which requires a user ID, password, and domain alias.

The Active Directory service account is the account that XenMobile uses to query Active Directory.

XenMobile

NetScaler Gateway

 
 

Note the User Base DN.

This is the directory level under which users are located; for example, cn=users,dc=ace,dc=com. NetScaler Gateway and XenMobile use this to query Active Directory.

XenMobile

NetScaler Gateway

 
 

Note the Group Base DN.

This is the directory level under which groups are located.

NetScaler Gateway and XenMobile use this to query Active Directory.

XenMobile

NetScaler Gateway

Connections Between XenMobile and NetScaler Gateway

Prerequisite Component Note the setting
 

Note the XenMobile host name.

XenMobile

 
 

Note the FQDN or IP address of XenMobile.

XenMobile

 
 

Identify the apps users can access.

NetScaler Gateway

 
 

Note the Callback URL.

XenMobile

 

User Connections: Access to XenDesktop, XenApp, and Worx Home

Citrix recommends that you use the Quick Configuration wizard in NetScaler to configure connection settings between XenMobile and NetScaler Gateway and between XenMobile and Worx Home. You create a second virtual server to enable user connections from Receiver and web browsers to connect to Windows-based applications and virtual desktops in XenApp and XenDesktop. Citrix recommends that you use the Quick Configuration wizard in NetScaler to configure these settings as well.

Prerequisite Component Note the setting
 

Note the NetScaler Gateway host name and external URL.

The external URL is the web address with which users connect.

XenMobile

 
 

Note the NetScaler Gateway callback URL.

XenMobile

 
 

Note the IP addresses and subnets masks for the virtual server.

NetScaler Gateway

 

Note the path for Program Neighborhood Agent or a XenApp Services site.

NetScaler Gateway

XenMobile

 
 

Note the FQDN or IP address of the XenApp or XenDesktop server running the Secure Ticket Authority (STA) (for ICA connections only).

NetScaler Gateway

 
  Note the public FQDN for XenMobile.

NetScaler Gateway

  Note the public FQDN for Worx Home.

NetScaler Gateway