Forum Discussion
Redirect for native Citrix Receiver clients
Hi folks, first post and fairly new to F5 so please bear with me :)
Citrix environment: XenApp 6.5, StoreFront 2.1, Citrix Receiver 4.1
I have a virtual server configured for StoreFront, with an access policy and client SSL profile. When connecting to the virtual server with a browser, all works well.
When connecting to the same virtual server with native Citrix Receiver, this fails. I think I understand why.
If I change my hosts file so the fqdn resolves to the IP of the StoreFront server itself (instead of the F5 VIP) - success.
For native Receiver clients only, how could I bypass/not apply the access policy on the virtual server? I really just need to load balance native Receiver connections and forward the traffic to the StoreFront servers.
Should I try to redirect native Receiver clients to a second simple virtual server, with no access policy? How to do this? Would I need another client SSL profile, or could I reuse the original profile?
Is this the right approach? Or could this be done using Policy Editor?
Thanks
3 Replies
- John_Alam_45640Historic F5 Account
try this:
when HTTP_REQUEST { if { [HTTP::header User-Agent] contains "Receiver" } { ACCESS::disable } else { ACCESS::enable } } - adamjones73_136
Nimbostratus
Hi John, thanks for your reply.
I tried the iRule, however still no success with the Receiver.
I'm using this URL to add the account for Receiver: https://mysite.com/Citrix/StoreNameNot sure if this helps, but relevant portion of IIS logs when Receiver pointed directly at StoreFront show: GET /Citrix/StoreName - 443
GET /Citrix/StoreName/discovery - 443
GET /Citrix/StoreName/endpoints/v1 - 443
GET /Citrix/StoreName/endpoints/v1 - 443
GET /Citrix/StoreName/resources/v2 - 443
POST /Citrix/Authentication/auth/v1/token - 443
POST /Citrix/Authentication/Integrated/Authenticate - 443 - adamjones73_136
Nimbostratus
Application Service was created using iApp template f5.citrix_vdi.v1.1.0rc6
If I enabled legacy PNA support on the StoreFront servers, I was able to use Receiver 3.4 Enterprise with pass-through authentication, however in Receiver version 4.0 and up, Citrix has removed PNAgent support.
Resolution: The only way I could get pass-through authentication working with Receiver 4.1 was to remove the Access Profile from the VS.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com