Scenario: A Citrix Administrator is enabling TLS Secure connections between the Cloud Connectors and on-premises StoreFront. After configuring the TLS certificate on all Cloud Connectors and disabling HTTP connections, the administrator finds that no resources are being enumerated. On-prem customers can utilize Citrix site aggregation available in Citrix Cloud services to aggregate their on-premises virtual app and desktop deployments and provide simple two-factor authentication via time-based one-time passwords for enhanced security. For more information on Citrix Workspace experience go here. Citrix StoreFront.
2) Public IP assigned to above created interface will be resolvable to NetScaler gateway URL which we will configure later. Create a DNS A record on your DNS sever which points to public IP of NetScaler Gateway to its URL.
3) Gateway Configuration will be completed in following steps:
Citrix Cloud On Premise Storefront Solutions
- If VPX is hosted on Azure then NetScaler does not have SNIP.
- Configure Virtual IP on NetScaler. Navigate to System -> Network -> IPs and add a IP for NetScaler Gateway VPN Server and select the IP type as Virtual IP.
- After configuring Virtual IP, configure NetScaler Gateway VPN server. Navigate to NetScaler Gateway > NetScaler Gateway Virtual Servers.
- Provide Name and IP address for virtual server and check ICA only check box and enable authentication check box as well.
- Bind server certificate to server and add STA server and click on Done.
Citrix Cloud On Premise Storefront FreeNote: In this scenario, we will not configure any authentication policy on NetScaler Gateway. No session policies will be configured unlike general NetScaler Gateway configuration. When we use cloud hosted StoreFront services, authentication happens at StoreFront not on NetScaler Gateway.
4) Login to your Citrix Cloud account and click on XenApp and XenDesktop services. You will re-directed to another GUI with gateway configuration which will similar to
5) In above screenshot we are configuring our own NetScaler Gateway so we will use 'user your own NetScaler gateway in the resource location'. Here give URL for your NetScaler Gateway which will be resolvable to your NetScaler gateway URL.
Citrix Cloud On Premise Storefront SystemFor application/desktop launch, you have to access StoreFront URL not NetScaler Gateway. NetScaler Gateway is not doing any authentication here as it is acting as a proxy. Access the StoreFront URL on browser as:
Note: If you will check the downloaded ICA file, you will see SSL proxy host as NetScaler Gateway URL.