You are previewing Citrix Access Gateway VPX 5.04 Essentials.
O'Reilly logo
Citrix Access Gateway VPX 5.04 Essentials

Book Description

A practical step-by-step guide to provide secure remote access using the Citrix Access Gateway VPX

  • A complete administration companion guiding you through the complexity of providing secure remote access using the Citrix Access Gateway 5 virtual appliance

  • Establish secure access using ICA-Proxy to your Citrix XenApp and XenDesktop hosted environments

  • Use SmartAccess technology to evaluate end users’ devices before they connect to your protected network

  • Provide a comprehensive solution to secure remote access by implementing Appliance Failover, taking care of your high availability needs

  • In Detail

    The Citrix Access Gateway can provide full VPN access to you network or simple ICA proxy and we will show you how. No matter how new you are to Citrix or how long you have used Citrix for, we are going learn how to extend the use of Citrix products beyond the confines of your corporate network.

    Citrix Access Gateway VPX 5.04 Essentials takes you through the complete process of configuring the appliance. Providing easy to follow guides that you will be able to follow as a seasoned Citrix professional or newbie, we will see you through to the full and complete deployment of the appliance.

    Once we have established the license infrastructure we quickly begin on the Access Gateway itself. This runs as a virtual machine so we must import and configure the device. This shouldn’t take us too long and we are ready then to open the web console to see what awaits us in its Adobe Flash driven administration heaven. Our time is going to be well spent here and also, we will spend a long time here so we need to make sure that we are comfortable for the journey that will see us create basic and smartaccess login points; that is, complete access to our networks based on the needs of the user and their role. Not happy with this, we ensure that our work is not destroyed with power outages and we provide appliance failover to ensure the system keeps running. We do not short change you so you will not short change your customers.

    Citrix Access Gateway VPX 5.04 Essentials will become your bible that is always at hand for the management of your Citrix Access Gateway. This book is detailed and complete to ensure that you have a single reference to the administration of your Gateway Appliance.

    Table of Contents

    1. Citric Access Gateway VPX 5.04 Essentials
      1. Table of Contents
      2. Citrix Access Gateway VPX 5.04 Essentials
      3. Credits
      4. About the Author
      5. About the Reviewers
      6. www.PacktPub.com
        1. Support files, eBooks, discount offers and more
          1. Why Subscribe?
          2. Free Access for Packt account holders
          3. Instant Updates on New Packt Books
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Errata
          2. Piracy
          3. Questions
      8. 1. Getting Started with the Citrix Access Gateway Product Family
        1. Security and Remote Access Solutions addressed by Citrix Access Gateway
        2. Citrix Access Gateway hardware
          1. NetScaler Model 2010 Appliance
          2. NetScaler Model MPX 5500 Appliance
        3. Citrix Access Gateway versions
          1. Access Gateway Milestones
          2. Access Gateway 10
          3. Access Gateway 9.3 Enterprise Edition
          4. Access Gateway 9.2 Enterprise Edition
          5. Access Gateway 5.x
        4. Citrix Access Gateway VPX Edition
        5. Designing a secure Remote Access solution
          1. Availability
          2. Using ICA Proxy to access XenApp/XenDesktop
            1. Ensuring there is no path for a single protocol to traverse the DMZ
            2. Resolving remote access issues using Citrix Access Gateway
            3. If you need access to other resources, we have full VPN connections
            4. Authentication
            5. PKI Certificates
        6. Summary
      9. 2. Licensing the Citrix Access Gateway
        1. Overview of licensing CAG
          1. License Grace Period
          2. Platform License
          3. Universal License
          4. Concurrent connections
          5. Citrix Access Gateway Express
        2. License Server options
        3. Obtaining licenses
        4. Deploying Microsoft Windows Server and VPX License Server
          1. Installing License Server 11.10
          2. Importing License Server VPX into Citrix XenServer
        5. Importing licenses and management
        6. License Server Administration
          1. Securing the dashboard
          2. Securing License Server with HTTPS
        7. Summary
      10. 3. The Citrix Access Gateway Initial Setup
        1. Understanding the network architecture
        2. Downloading the virtual appliance from Citrix
        3. Importing the Citrix Access Gateway into VMware
          1. Importing the Citrix Access Gateway into XenServer
        4. Initiating the Access Gateway setup from the command line
        5. Completing the initial configuration from the web portal
          1. Setting the admin password
          2. Add a static route to a private network
          3. Licensing the Citrix Access Gateway
        6. Adding SSL certificates
        7. Monitoring the Citrix Access Gateway
        8. Summary
      11. 4. Configuring a Basic Logon Point for XenApp/XenDesktop
        1. Identifying the need for using CAG as a remote access solution
        2. Configuring a Citrix Web Interface site for use with the Citrix Access Gateway
          1. Web Interface placement
          2. Configuring a website for remote users
          3. Changing the Secure Access method
        3. Configuring an Access Gateway basic logon point
          1. Logon point
          2. XenApp and or XenDesktop access controls
          3. Secure Ticket Authority
        4. Accessing XenApp Server farms securely with the Citrix Access Gateway
        5. Extending the basic logon point to access other internal web-based resources
          1. Keeping your users happy
        6. Auditing access to the Citrix Access Gateway
        7. Summary
      12. 5. Creating Authentication Profiles
        1. Authentication profiles
        2. Creating a RADIUS authentication profile
          1. Configuring Gemalto Protiva
          2. Configuring SafeWord
        3. Creating RSA SecurID authentication profiles
        4. Creating LDAP authentication profiles in Microsoft's Active Directory
        5. Authentication using the Active Directory sAMAccountName
        6. Authenticating using the Active Directory userPrincipalName
          1. Tracking user access
        7. Creating LDAP authentication profiles in Novell's eDirectory Directory
        8. Creating LDAP authentication profiles to Linux openLDAP
        9. Customizing the Citrix Access Gateway logon page
        10. Allowing users to change passwords on the logon page
        11. Implementing two-factor authentication on the Citrix Access Gateway
        12. Summary
      13. 6. Beyond the Basics
        1. Adding universal licenses
        2. Citrix Access Gateway plug-in installation
          1. Obtaining the plug-in
          2. Installing the plug-in
          3. Configuring the plug-in properties
        3. Integrating the Access Gateway plug-in with the Citrix Receiver
        4. Distributing the Access Gateway plug-in with the Citrix Merchandising Server
          1. Configuring deliveries with the Merchandising Server
        5. Summary
      14. 7. Address Pools
        1. Creating address pools
          1. Before we connect with the plug-in
          2. Ping after the VPN is created with the plug-in
          3. Accessing the welcome page on the web server
          4. Smart logon points use universal licenses
        2. System Administration Options
          1. Networking
          2. Appliance failover
          3. Name service providers
          4. Static routes
          5. Address pools
          6. Deployment mode
          7. Password
          8. Date and time
          9. Licensing
          10. Logging
        3. Summary
      15. 8. Device Profiles and Endpoint Analysis
        1. Device profiles
          1. File
          2. Process
          3. Registry
          4. Operating System
          5. Ports
          6. Building an effective scan expression
        2. Installing the endpoint analysis plug-in
        3. Control access to network using device profiles
        4. Summary
      16. 9. Defining Network Resources
        1. Network resources
          1. Network lists
          2. General Properties
          3. Protocols and port ranges
        2. Introducing the Citrix Branch Repeater
          1. Citrix Branch Repeater products
        3. Summary
      17. 10. SmartAccess Logon Points
        1. Defining SmartAccess logon points
          1. General Properties
          2. Authentication
        2. Defining the term Logon Point Visibility
        3. Branding the logon point
        4. Summary
      18. 11. Linking It All Together with SmartGroups
        1. Defining SmartGroups
          1. General Information
          2. Home Page
          3. Group Criteria
            1. Logon Points
            2. Device Profiles
            3. Group Membership
          4. Group Settings
            1. Network Resources
            2. Address Pools
            3. Advanced Properties
        2. Defining SmartGroup priority
        3. Summary
      19. 12. Connecting to SmartAccess Logon Points
        1. Delivering the Access Gateway plug-in
        2. Configuring Access Gateway Plug-in settings
          1. Managing the client plug-in
        3. Connecting to resources on the private network
        4. Summary
      20. 13. Monitoring the Citrix Access Gateway
        1. Accessing and interpreting logfiles
          1. System Information
          2. Running Information
          3. Active Sessions
          4. Configuration and Warnings
          5. Audit Log
          6. Info Log
          7. EPA Log
          8. Debug Log
        2. Logfile settings and log transfer
        3. Creating configuration snapshots and importing firmware updates
        4. Implementing appliance failover
          1. Configuring the master device
          2. Configuring the slave device
        5. Summary
      21. 14. Command Line Management of the Citrix Access Gateway
        1. Enabling SSH access to the command line
        2. Managing the Citrix Access Gateway from the command line
          1. Express Setup
          2. System
          3. Troubleshooting
          4. Help
        3. Summary
      22. Index