Forum Discussion

Osama_Ibrahim_M's avatar
Osama_Ibrahim_M
Icon for Nimbostratus rankNimbostratus
Mar 07, 2019
Solved

APM Integration with Citrix

Hi Dears, first of all am new on this field, but am trying to under stand, so if someone can guide me or support it will be very appreciated.

I received a request from my boss to publish Citrix using APM, I used some links from F5 Support, but still I have some points not understand.

I received below information from platform team:

Storefront URL: https://xenappeval1.abc.com/Citrix/StoreWeb/

Workspace Access:

           https://xenappeval1.abc.com

Virtual Delivery Agents (VDAs):

           xenappfssvm01.abc.com  - 10.0.248.212     
           xenappfssvm02.abc.com -  10.0.248.213     

Storefront, Delivery Controller Server:

Xenappeval1.abc.com – 10.0.248.223

what I didn't understand is that:

this configuration will be in DMZ and above information in the internal network, so which IP I should use to create the virtual server, that mean should I use Storefront, Delivery Controller Server or I should use anther virtual IP in DMZ range and use the other IP as pool members.

Please your help and I apologize if I could not explain well.

thanks in advance.

  • Hello Osama,

     

    It seems like your second guess is correct: you're using a separate IP from your dmz range for the address that external users connect to. This virtual server will have the access profile/policy attached to it. Authentication is handled there and then credentials are given to the citrix backend servers. This makes the most sense to me.

     

    I don't know what resources support showed you but the general flow is summed up pretty well here. There's also a more in-depth guide here.

     

    Have you looked into using the citrix iApp template for this deployment? The inline text documentation can be a super helpful walk-through of the configuration. This would also make for an easy change in the future if you need to switch the ip address of the vs.

     

    Best of luck,

     

    Austin

     

2 Replies

  • Hello Osama,

     

    It seems like your second guess is correct: you're using a separate IP from your dmz range for the address that external users connect to. This virtual server will have the access profile/policy attached to it. Authentication is handled there and then credentials are given to the citrix backend servers. This makes the most sense to me.

     

    I don't know what resources support showed you but the general flow is summed up pretty well here. There's also a more in-depth guide here.

     

    Have you looked into using the citrix iApp template for this deployment? The inline text documentation can be a super helpful walk-through of the configuration. This would also make for an easy change in the future if you need to switch the ip address of the vs.

     

    Best of luck,

     

    Austin

     

    • Osama_Ibrahim_M's avatar
      Osama_Ibrahim_M
      Icon for Nimbostratus rankNimbostratus

      Hi Austin, appreciate your support and your great gaudiness, I did my configuration according to your provided link, but am still confuse about which IPs I should use, citrix servers have three internal IPs, and I need to configure in DMZ, so should I use different IP from my DMZ range so I can NAT this IP to public IP.

       

      I hope I explained well.

       

      thanks.