Choose your NetScaler … wisely

I spend a lot of my time breaking down the different models of Citrix NetScaler appliances and different Software Editions within the Citrix NetScaler portfolio.

I decided to set up a blog about this since the path is usually pretty much (lengthy but) the same. This does not mean the answer is always easy because there are a lot of questions that need to be answered.

The first thing I would like to get off my chest is the following: Stop seeing/selling the Citrix NetScaler as a replacement for Secure Gateway. It is so much more than that. I often have discussions with various engineers and consultants telling me that Citrix NetScaler is so expensive for a Remote Access solution because Secure Gateway always used to be free. No offense but a Citrix NetScaler solution belongs to the networking department, not the Citrix XenApp sys admin department. Or maybe limited.

Read more of this post

Creating user customizable announcements for NetScaler Access Gateway

A customer would like to designate a number of people for customizing announcements on the Access Gateway Enterprise page.  This way the organization can announce important changes, planned downtime or other announcements. The advantage of this is that a network engineer does not need to be bothered for displaying all sorts of messages on the Access Gateway by fiddling with the files on the appliances.


Read more of this post

[BUG] ERROR: Feature(s) not licensed [AAA]

This week I was implementing a pair of Citrix NetScaler Standard Edition appliances, mostly to be used for Access Gateway features. As always I started of with the latest Citrix NetScaler firmware which is 73.5 as of this writing. I was configuring Pre-Authentication Policies within GUI, later on I was testing HA failover and noticed that the Pre-Authentication policies were missing after doing a HA Failover.


Read more of this post

To EPA or not to EPA …

For anyone who has not worked with NetScaler Gateway Endpoint Protection Analysis before. It is pre-check before the user get to see the Gateway Logon page it has to comply certain rules that we have programmed the Gateway with. Sometimes I here people say that there is no future for EPA, but I would like to show a use-case which still is actively deployed using NetScaler Gateway and EPA’s.

This feature was already present with the Citrix Access Gateway Advanced using Citrix Advanced Access Control Option Server, yes did it! :-).

What it does is that upon client request it will launch a small piece of Citrix client software to check if the client meets our requirements for connecting. This is triggered by using an ActiveX component within Internet Explorer of Firefox. If the software is not installed it will prompt the user to do so.

Read more of this post

[BUG] Citrix (Branch) Repeater reboots spontaneously

Deployed the newest Citrix Repeater firmware on to two Citrix Repeater 8540 series. Only one appliance gave the error statement “Internal consistency checking has detected an unexpected restart (1)” and initiated a dump. Transferred the diagnostic files to Citrix Support where they were analyzed which confirmed a bug (BUG0354515).


It seems to be caused by a uninitialized variable during Auto App Discovery within ICA.

In all honesty it happened only once, so I still mark the event as an incident. Citrix has confirmed the bug (BUG0354515) and it will be fixed in the next minor ( or major (7.x) software release (they are not yet sure).


Update: Citrix Support has indicated that the bug will be fixed in release 6.2.1.

Performance degrades when enabling Citrix (Branch) Repeater Traffic Acceleration

An interesting problem where a customer has a PoC environment to see if Citrix Repeaters would add value to the Citrix XenApp/XenDesktop implementation over a WAN connection with the help of a Citrix Repeaters 8540 on each end.

Whenever the Traffic Acceleration mode was enabled performance of the XenApp/XenDesktop connection was worse then having Traffic Acceleration disabled. Movies would play frame by frame, it would take ages to move a AutoCAD object from A to B within a drawing.

The ‘receiving’ Citrix Repeater’s Log mentioned Fragmented IP Packets are being received.

Read more of this post

Contributing to Citrix Education

Last week I was off to Citrix Systems, Santa Clara for attending the next Citrix NetScaler-based CCA exams IDW (Item Development Workshop). An IDW is a workshop that lasts about a week in which you and others will create exam questions (or items) that will appear on the next (or revised) Citrix exam(s). In this particular IDW we are concentrating on the follow-up exams of the old Citrix NetScaler 1Y0-A11 and Citrix Access Gateway Enterprise 1Y0-A13 which are based on the Citrix NetScaler 9 software version.

Citrix NetScaler IDW 2012-01

Unfortunately we forgot to take a picture of all the participants together, so to name a few: from left to right: Lourdes Soler (Citrix), Henny Louwers, Stuart Souter, Alejandra Garcia (Citrix), Craig Pickford and Robert Zehnder.

Read more of this post


Get every new post delivered to your Inbox.

Join 43 other followers