Create and configure a Secure Gateway in MPS4.0

Written by Hans Straat, Thursday, 24 August 2006

Introduction

This howto shows how to create a Citrix Secure Gateway (CSG) in Citrix Presentation Server 4.0. We used certain standards to implement it, and you can of course implement your own standards. This is a basic guide to creating a Citrix Secure Gateway for MPS4.0. You will also need a Web Interface on the server. If you haven't created a Web Interface for MPS4.0 yet, we recommend you read this howto first.

Before we begin, we need to accomplish a few goals on the server that will become a dedicated Citrix Secure Gateway. The first thing we do is create a server certificate (web server) for the server, issued to the FQDN (Fully Qualified Domain Name) of the server. We created a certificate for the server with a private CA (Certificate Authority) and installed it. Next we check that the IIS server is not hosting an SSL site on TCP port 443. If it is, you can safely remove it, because the CSG will listen on TCP port 443 as a dedicated service.

Part 1 Installation of the CSG

The setup is located on the component CD of your Citrix installation set. After you double-click the setup, figure 1 will show up.
figure 1

Press Next to go to figure 2, accept the license agreement and press Next.
figure 2

Select Secure Gateway and press Next. (Secure Gateway Proxy is used for a double-hop DMZ.)
figure 3

Now you can select the destination folder. We left it at the default. Press Next to go to figure 5.
figure 4

Now you have to select the account under which the Secure Gateway will run. We selected Network Service because we're darn lazy. You can of course create a dedicated account for this service for security reasons!
figure 5

Press Next to go to figure 7.
figure 6

Yes, it's getting boring ... press Next :)
figure 7

Now we're getting to the part where we need to configure the Secure Gateway with the wizard before it will actually start up.
figure 8

Deselect "Metaframe Secure Access Manager" since we are only installing a CSG.
figure 9

We can now choose between standard and advanced settings. As geeks we only want advanced, of course!!
figure 10

Remember I wrote at the top of the article that we need a server certificate. Well, here is why. As you can see, we already have 2 certificates installed (due to a former installation of CSG). Select the correct certificate you created for your server and press Next.
figure 11

Keep this at the default. The stronger the encoding the better.
figure 12

We want to listen on TCP port 443. If you have multiple network interface cards, select the correct one.
figure 13

Select no outbound traffic restrictions or, if you have an ACL, select that one.
figure 14

Since Metaframe Presentation Server 4.0, every Citrix server is also a Secure Ticket Authority (STA). You need to place the FQDN in the box, then you can press OK.
figure 16

After you have entered the correct name of the STA you will get figure 17. You can enter multiple STAs for failover.
figure 17

We did not configure this since we don't want any restrictions on our timeouts or connections.
figure 18

You can specify devices to be excluded from logging. Why exclude stuff? The more logging the better, in my opinion.
figure 19

We want users connecting directly to the Secure Gateway.
figure 20

We selected "All events including informational". Remember, the more logging the better the troubleshooting :)
figure 21

Well, we have finished the CSG wizard but we are not done yet.
figure 22

Part 2 Configure the Web Interface

Open the ASC and browse to your Web Interface (WI). Now select "Manage secure client access" in the right pane and choose "Edit Secure Gateway Settings" (see figure 24).
figure 23

Enter the address of the CSG (this is the external FQDN) and add the STA address(es).
figure 24

In principle you're done :) If you use a private certificate you need to install the root certificate in order to connect to your published applications through the CSG, otherwise you will get SSL error 61. Figure 25 shows the certificate warning after you type in the URL of your CSG. From here on the CSG will direct you to the Web Interface (WI).
figure 25

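The certificate requirements described above (a server certificate issued to the gateway's FQDN by a private CA, and the root certificate installed on the connecting side) can be tried out in a lab. The following is an added example, not part of the original howto: it uses OpenSSL as a stand-in for the private CA and the constructed name csg.example.test, and shows that a client accepts the certificate only when it trusts the root and the host name matches.

```shell
#!/bin/sh
# Added example: lab PKI built with OpenSSL; all names below are constructed.
FQDN="csg.example.test"   # assumed external FQDN of the Secure Gateway

# Create a private root CA and a server certificate for $FQDN in directory $1.
make_lab_pki() {
    dir=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Lab Private Root CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$FQDN" \
        -keyout "$dir/csg.key" -out "$dir/csg.csr" 2>/dev/null || return 1
    printf 'subjectAltName=DNS:%s\nextendedKeyUsage=serverAuth\n' "$FQDN" \
        > "$dir/ext.cnf"
    openssl x509 -req -in "$dir/csg.csr" -CA "$dir/ca.pem" -CAkey "$dir/ca.key" \
        -CAcreateserial -days 30 -extfile "$dir/ext.cnf" \
        -out "$dir/csg.pem" 2>/dev/null
}

# Succeeds only if the certificate chains to the trusted root AND matches the
# host name the client typed. Pass "none" as $1 for a client without the root.
client_accepts() {
    cafile=$1; cert=$2; host=$3
    if [ "$cafile" = none ]; then
        openssl verify -no-CAfile -no-CApath \
            -verify_hostname "$host" "$cert" >/dev/null 2>&1
    else
        openssl verify -CAfile "$cafile" \
            -verify_hostname "$host" "$cert" >/dev/null 2>&1
    fi
}

report() {
    if client_accepts "$1" "$2" "$3"; then r=accepted; else r=rejected; fi
    echo "root=${1##*/} host=$3 -> $r"
}

demo() {
    d=$(mktemp -d) || return 1
    make_lab_pki "$d" || { rm -rf "$d"; return 1; }
    report "$d/ca.pem" "$d/csg.pem" "$FQDN"               # root installed
    report none        "$d/csg.pem" "$FQDN"               # root missing
    report "$d/ca.pem" "$d/csg.pem" "wrong.example.test"  # name mismatch
    rm -rf "$d"
}
demo
```
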
If you have any questions, register on our forum and fire away. We are there to answer them. In the future we will write a howto on configuring a CSG using smartcards.