Forum Discussion

Michael_Koyfman's avatar
Michael_Koyfman
Icon for Cirrocumulus rankCirrocumulus
Jan 24, 2014

If you deploy APM 11.4.1 HF2 or later, it supports using STA tokens, and thus can be used with ICA signing feature, as ICA file rewrite is not needed in this case. Here is how to do this:

Documentation notes for this feature:

  1. Prerequisites:

  2. Citrix Web Interface (WI) site working in Gateway Direct Mode and published via Citrix Access Gateway (AGEE)

  3. Configuring APM

  4. Virtual Server (VS) is configured to provide ICA Proxy functionality either via iApp or as described in here: http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-citrix-integration-11-3-0.html
  5. Additional session variable named "session.citrix.sta_servers" must be added to the policy using the "Variable Assign" agent in Visual Policy Editor
  6. The value of "session.citrix.sta_servers" is the same as you would enter on Web Interface:

So the assignment will normally look like this:

session.citrix.sta_servers = return {http://mysta.company.com/scripts/ctxsta.dll}
  • If there is more than one STA server, the individual URLs are delimited by a semicolon
amolari's avatar
amolari
Icon for Cirrostratus rankCirrostratus
Jan 24, 2014
I thought ICA file rewrite was always necessary (change of IP address from internal to VS)... The solution you describe is for when using WI servers and not publishing Apps on the APM webtop, right? No solution available if I do not want to use the WIs?