The Citrix Blog

richardda

  1. SDX Remote Console Access of VIs

    By richardda · Published on 6 months ago · No Comments

    The onboard Lights-Out Management (LOM) card in the Service Delivery Controller (SDX) provides remote access to both the XenServer console as well as the console of the individual virtual NetScaler instances running on the system. Screen shots and instructions follow… 1. From the "Remote Control" tab of the LOM interface, press the "Launch Console" button. 2. Select “Local Command Shell” from the XenServer console. 3. From the shell… ...

    Read More

  2. Multiple XFF IPs giving you problems?

    By richardda · Published on 7 months ago · No Comments

    If you’re contemplating adding an unsupported ISAPI filter to your web server to deal with this problem, STOP! Use a NetScaler AppExpert policy instead. Background Sometimes intermediate proxies and firewalls will mask the true source IP address of client TCP/IP connections.   But many times its necessary for the applications servers to be aware of the clients true IP address.   The x-forward-for (XFF) is an entry, found in an ...

    Read More

  3. NetScaler MPX vs. VPX – Networking differences

    By richardda · Published on 3 years ago · No Comments

    The NetScaler VPX virtual appliance has some decisive differences from its MPX hardware counterparts. While the performance differences are well documented, some of the finer networking related points are a bit obscure and not readily discoverable. While none of them are likely to be show stoppers, it's important to be familiar with the limitations. Here's a short table I've assembled describing the impact of the hypervisor ...

    Read More

  4. Easy Mutli-Factor Authentication

    By richardda · Published on 3 years ago · 8 Comments

    PinSafe is a form of multi-factor authentication which is easier to deploy and more cost effective than its token based competitors.  It also integrates seamlessly with the NetScaler for both SSL VPN and AAA for Web Applications. It works by providing the user a customized "one time" image on the login page.  The image employs character rotation and will use a range of fonts and backgrounds ...

    Read More

  5. How To Define Offsets in Client SSL Certificate Expressions

    By richardda · Published on 3 years ago · No Comments

    If you need to perform a search of a particular piece of data in the SUBJECT or ISSUER fields of a client's SSL certificate, the CONTAINS and NOCONTAINS Operators will serve you well.  However, if you want to be more granular in your approach, you will likely get frustrated by using the offset values of the Classic AppExpert Expression. Problems occur when administrators rely on IE's ...

    Read More

  6. Perception is Reality – Changing the Access Gateway label

    By richardda · Published on 3 years ago · 3 Comments

    Everyone should know by now that the NetScaler standard is the best practice for XenApp delivery.  So why do folks still see "Access Gateway" on the NetScaler's cool carbon fiber login page? Do your prospects a favor and provide a consistent message that NetScaler is the solution they are testing!  One small way you can address this is by changing the "Access Gateway" graphic in the VPN login page to read "NetScaler".   I bet you didn't even know ...

    Read More

  7. Link from Single to Multi factor login pages

    By richardda · Published on 3 years ago · 2 Comments

    A customer asked me to reduce the complexity of having both single and multi factor CAG login pages and create a more seamless access experience for users with and without RSA tokens. Because the customer wants folks who have been issued a token to receive full VPN access and be directed to a custom Web Interface (WI) site tailored for elevated permissions, I had to use ...

    Read More

Subscribe by RSS