Access citrix by portal access

Do you mean, after login, being connected to a big webtop with all Citrix ressources ?

If so, you have to replace the WebInterface or Storefront. Restart the iApp and select Storefront replacement.

Hi Matthieu,

Currently we have two access policys, one for Citrix in which we are directed to Citrix after login and the other one is a portal with some links to applications.

This means that users have two entry points one for Citrix and one link for the portal with other Apps. They have to remember two links. What we want is to add a link or symbol, in the portal where the apps are defined, where we can start a citrix session with. In this way the users only have to use one link.

Do you understand me?

Greetings, Robin

Yeah, you have 2 solutions :

• Create a "webtop link" ressource who point to your Citrix VS. Users will remember only one URL (Portal URL) but the browser will be redirected to the Citrix URL automatically if user click on CITRIX icon.
• Create a "Portal Access" ressource who point to your StoreFront or WebInterface. In this case, you have to make some modification on VS in order to support ICA proxy (check Per-App & VDI box)

Make sense ?

Yesss we did it!! Thank you very much!

Good to know. Raise the solution to "Solved" so that next people can find it easier.

Take care.

Thanks I will close the ticket, but I was to enthousiast, it works only in Safari browser. When we use IE, Chrome of Firefox we see on the F5 on a packetcapture, the F5 tried to connect to the HTTPS port instead of http. Do you have an idea why this happends?

Greetings, Robin

Thanks I will close the ticket, but I was to enthousiast, it works only in Safari browser. When we use IE, Chrome of Firefox we see on the F5 on a packetcapture, the F5 tried to connect to the HTTPS port instead of http. Do you have an idea why this happends?

Greetings, Robin

I don't know if you're still having issues with the implementation, RobinBreggeman - but there is a 3rd alternative that may work. On your original portal page (with links to other apps), you can add a Remote Desktop resource of type Citrix. Configure as this remote desktop's destination your Citrix XML broker (Desktop Delivery Controller) address:port. Then, when your users click on this icon on your portal page, they will be presented with a APM-provided Storefront/Web Interface replacement UI for logging on to the broker and displaying icons for launching the Citrix apps/desktops the broker returns as available in your environment. (You can also configure SSO, depending on how users log on to your portal, such that the broker-returned app/desktop icons are immediately displayed, if preferred, skipping the logon-to-Citrix dialog).

What is happening in this scenario is that APM is "decorating" the ICA files returned to the Receiver client to add an SSL Proxy configuration, pointing at your APM portal page as the proxy. The Receiver client then sends Common Gateway Protocol traffic via the SSL tunnel thus constructed, and the F5 proxies those calls to the back-end session host on port :2598.

Just an alternative. (Btw, I was being quick and dirty -- there are cleanups to the above, e.g., if you have redundant brokers, you should configure an LTM pool to the brokers, and select that pool as the destination, rather than an individual broker.)

I don't know if you're still having issues with the implementation, RobinBreggeman - but there is a 3rd alternative that may work. On your original portal page (with links to other apps), you can add a Remote Desktop resource of type Citrix. Configure as this remote desktop's destination your Citrix XML broker (Desktop Delivery Controller) address:port. Then, when your users click on this icon on your portal page, they will be presented with a APM-provided Storefront/Web Interface replacement UI for logging on to the broker and displaying icons for launching the Citrix apps/desktops the broker returns as available in your environment. (You can also configure SSO, depending on how users log on to your portal, such that the broker-returned app/desktop icons are immediately displayed, if preferred, skipping the logon-to-Citrix dialog).

What is happening in this scenario is that APM is "decorating" the ICA files returned to the Receiver client to add an SSL Proxy configuration, pointing at your APM portal page as the proxy. The Receiver client then sends Common Gateway Protocol traffic via the SSL tunnel thus constructed, and the F5 proxies those calls to the back-end session host on port :2598.

Just an alternative. (Btw, I was being quick and dirty -- there are cleanups to the above, e.g., if you have redundant brokers, you should configure an LTM pool to the brokers, and select that pool as the destination, rather than an individual broker.)

It was really strange! I made a packet capture to see what the message was from the server, because it can not be that difficult. It said something like the /Citrix/XenApp was permanantly moved.... After that I checked the URI again in the Access portal policy and changed that, there was an URI without / on the end. Changed that one with /..... that seems to work.

After testing everything was working.

Thanks again.