Update to my previous blog post NetScaler 11.0 Swivel integration here’s anupdate of how to do exactly the same thing only using NetScaler rewrites rather then editing any code on the NetScaler itself. The reason this is useful is that any updates we make to javascript that comes within the NetScaler firmware may (will probably) need to be redone every time you upgrade your firmware as...
Optimising your NetScaler SSL configuration
I’ve seen a lot of excellent guides around on optimising SSL parameters on NetScaler which is awesome. A lot of them are geared towards obtaining the coveted A+ rating from Qualsys’ excellent SSLLabs test which I think is important as it gives people an easy way to ensure they are compliant to certain level in a world where the goalposts are frequently rapidly moving even if only...
NetScaler Gateway 11.0 – Multi Domain dropdown
This method is not compatible with NetScaler version 11.0 after build 64.34 since Citrix deprecated the -userdomains vpn vserver parameter. Please see for alternate instructions. Thanks to Scott Osborne (@VirtualOzzy) for pointing this out to the CUG Networking SIG When NetScaler 11.0 was released I noticed a couple of interesting things 1. There was a new ‘userdomains’ parameter for...
Swivel integration – NetScaler 10.1
Quick one from a recent deployment. This customer had chosen Swivel () as their secondary authentication. Swivel requires a Turing image to be displayed on the VPN logon page to provide the user with one time password they need to provide for RADIUS authentication. Swivel have helpfully provided very detailed guides on how to do this by replacing the index.html and login.js various NetScaler...
OWA 2010 Form Based SSO
I’ve been asked about this a few times recently so thought it worth a post. As of version 10.69.4.nc NetScaler Gateway and AAA features support OWA 2010 In order to provide SSO when authentication on OWA is form based additional configuration is required. Create a formSSOAction, this provide the NetScaler with the following information: The page in which to complete the Form based SSO...
Windows RT browser based access to Access Gateway Enterprise with WIoNS
During a recent project Citrix Receiver for Windows RT version 1.2 was released to the public and by lucky coincidence a majoy stakeholder in the project happened to be the proud owner of a Windows Surface RT which seemed like an ideal opportunity to try out the new Web Interface support for Windows RT. Now being honest I have not got this working when users are logging in via the Metro Citrix...
NetScaler Access Gateway 10: Modify secondary authentication prompt with rewrite action
As alot of you will have seen in the article CTX123121 the NetScaler Rewrite feature can be used to modify the look and feel of the Access Gateway logon page, commonly this involves changing the default password prompts created in the login.js file. As the article states these rules may vary from version to version – and they do so I thought I’d add the correct policy for NetScaler...
Access Gateway Enterprise – Disabling cookies prevents the secondary authentication field displaying
As expected this blog has gone a significant amount of time without update. This is mostly because I’ve not had anything particularly interesting to say. So yesterday an Access Gateway Enterprise question was posed to me so I thought I would run through it in case anyone else encounters the same problem. It may not be that interesting Issue A user reported that the secondary authentication...
Ardbp32.bin Load Balancing – HTTP
Thought it was time for an update – This is something I’d previously written when implementing Provisioning Services 5.6 sp1 and XenServer 5.6 FP1 into a a reasonable sized Presentation Server 4.5 farm that wanted to move away from their currrent physical servers to embrace the wonders of virtualization. It’s been said before but load balancing TFTP is difficult, and as...