Netscaler+Guide+2017+2 1
Uploaded by
For CrapNetscaler+Guide+2017+2 1
Uploaded by
For CrapPage: 1
Citrix NetScaler – Introduction
Table of Contents
Introduction 4
Who is this guide for? 4
Prerequisites 4
Prepare your Environment 5
Download the NetScaler Firmware 90 day Evaluation – citrix.com/products 5
Download the NetScaler Firmware – mycitrix.com 8
Deploy the OVA File to Hypervisor - VMWare ESXi 6 11
Initial NetScaler Setup - NSIP 16
Download the NetScaler Trial License 21
Install the NetScaler Trial License 23
Basic Authentication 25
Creating an LDAP Authentication Policy - Administrators 25
NetScaler SSH Command References: 28
Binding an LDAP Authentication Policy - Administrators 29
Granting AD Group Permissions to the NetScaler 31
Creating an LDAP Authentication Policy – NetScaler Users 34
NetScaler SSH Command References: 37
Certificates 38
Creating a Private RSA 38
Creating a CSR Request 40
Submitting the CSR to a 3rd party CA - Comodo Free SSL 43
Upload the CA CRT file and Install the Certificate on the NetScaler 48
Intermediary Certificate Linking 50
XenApp & XenDesktop 7.14 Installation 54
Prerequisites 54
Install XA/XD Software 54
Create the XA/XD Site 62
Install the XA/XD VDA (Virtual Delivery Agent) 66
Create a Machine Catalog 72
Test the Citrix Desktop Launch 80
StoreFront Configuration 82
Prerequisites 82
Copyright © 2017 www.mastersof.cloud
Page: 2
Modify the Default Store 82
Create a New StoreFront Store - Stand Alone 87
NetScaler Gateway - ICA Proxy 99
Overview Diagram 99
Prerequisites 100
Configure the NetScaler Gateway for XA/XD - Wizard 100
NetScaler Unified Gateway 106
Prerequisites 106
Create the NetScaler Unified Gateway – Wizard 106
NetScaler Gateway - SSL VPN 113
Create a Basic NetScaler Gateway for SSL VPN 113
Prerequisites 113
Install the NS Gateway Plugin - Windows 119
Prerequisites 119
Create a NetScaler Gateway Preauthentication Policy 123
Configure NetScaler Gateway with Split Tunnelling 130
Create Authorisation Policies for NS Gateway 134
Setup NetScaler Gateway VPN to use a LDAP Authentication Policy 138
Configure NetScaler Gateway with SAML for ICA Proxy (Federated
Authentication) 143
Prerequisites 143
Create NetScaler SAML Policy to 3rd Party iDP (Google) 143
Install The Citrix Federated Authentication Service (CFAS) 159
Configure StoreFront to Delegate Authentication to NetScaler 170
Configure NetScaler High Availability 172
Prerequisites 172
Deploy Secondary NetScaler 173
Setup High Availability – NetScaler 1 175
HA Failover NetScaler 1 to NetScaler 2 178
NetScaler Load Balancing 182
Prerequisites 182
Enable the Load Balancing Feature 182
Setup Basic HTTP Load Balancing, Service Groups and Monitors 183
NetScaler Support 192
Backup NetScaler Configuration 192
Firmware Upgrade of the NetScaler HA Pair 195
Clear the NetScaler Configuration 198
Copyright © 2017 www.mastersof.cloud
Page: 3
Disclaimer
This guide is offered as a companion to the online video training series from
www.mastersof.cloud, or free directly from the www.mastersof.cloud website.
This guide can also be used as a stand alone guide. Please note that this guide is
provided without warranty of any kind, express or implied, and was designed to be
used in a test lab for educational purposes only. Use this guide at your own risk. You
should always have multiple backups of your environment, configuration and
infrastructure before doing any changes to your environment. Never make untested
or unsolicited changes to any production environment.
Accuracy of the material contained within this document is very important to us.
Every effort has been made to ensure the accuracy of this document at the time of
writing however should you notice any discrepancies or incorrect information please
notify us immediately at t [email protected] so we can review and
update where necessary.
Copyright © 2017 www.mastersof.cloud
Page: 4
Introduction
Welcome to the ‘Citrix NetScaler - Introduction’ guide. The purpose of this guide is to provide
you with the basics you need to deploy and configure a NetScaler device either in a lab or in
an enterprise environment. This document is designed to accompany the online courses
now available at www.mastersof.cloud and also available at www.udemy.com.
We hope you find this course informative and easy to follow.
Please do feel free to ask questions or provide any feedback on the training website at
www.mastersof.cloud or email [email protected]
Note: This guide uses many example screenshots, IP addresses and DNS settings that are
specific to the demo environment being used at the time. You will need to use your own
settings in place of the examples provided to ensure a working setup. If you are not sure of
the configuration options you should consult with your AD, Network, Virtualisation and Cloud
teams first for the correct details that are specific to your environment.
Who is this guide for?
Chances are if you have come this far you already knew what you were looking for! The
guide is a quick start to get you up and running with Citrix NetScaler.
Prerequisites
1) A basic level of understanding of network principles, TCP-IP, DNS, Firewalls and
Network routing
2) Familiarity with connecting to devices via SSH or Putty
3) Familiarity with all Citrix products in general
4) Competency with the latest versions of Microsoft Windows operating systems
This document also serves as a complimentary printed walk through for the Citrix NetScaler
Introduction online training at www.mastersof.cloud and also available at www.udemy.com.
Copyright © 2017 www.mastersof.cloud
Page: 5
Prepare your Environment
Download the NetScaler Firmware 90 day Evaluation –
citrix.com/products
In this walkthrough we going to connect to citrix.com and download a 90 day evaluation of
the Citrix Application Delivery Controller (aka ADC)
Step Description Screenshot
1. Connect to
http://www.citrix.c
om/products/
2. Scroll down and
select Networking
> NetScaler >
NetScaler ADC
Copyright © 2017 www.mastersof.cloud
Page: 6
3. Click Try For Free
4. Enter your
registration
details (username
and password) for
your trial license
Copyright © 2017 www.mastersof.cloud
Page: 7
5. A code will be
generated
automatically
6. Expand Step 1 –
Review system
requirements and
download
software
Select the
download most
appropriate to you
and your hypervisor
Copyright © 2017 www.mastersof.cloud
Page: 8
Download the NetScaler Firmware – mycitrix.com
For customers who already use Citrix and have a mycitrix.com account we can also simply
obtain the NetScaler firmware from this site (provided you have a mycitrix.com account
associated with your Enterprise licenses).
Step Description Screenshot
1. Connect to
http://www.mycitri
x.com
2. Click Downloads
Select NetScaler
ADC as the product
Copyright © 2017 www.mastersof.cloud
Page: 9
3. Select the latest
release Virtual
Appliance (VPX)
available to you
Note: At the time of
writing the latest is
11.1-48.10
4. Select VPX
Package for New
Installation
Select the right
package for your
hypervisor
Note: In the
example we are
downloading the
NetScaler VPX
Software for
VMWare ESX
Copyright © 2017 www.mastersof.cloud
Page: 10
5. Read the End-User
license agreement
carefully
6. If you choose to
accept the EULA,
tick ‘I have read…’
and click Accept
You should read
the download
agreement
Be sure you and
your country
comply with the
Export Control laws
Finally save the file
somewhere easily
accessible later
Copyright © 2017 www.mastersof.cloud
Page: 11
Deploy the OVA File to Hypervisor - VMWare ESXi 6
In this section we are going to deploy the newly downloaded NetScaler firmware onto our
hypervisor (VMWare).
Step Description Screenshot
1. Connect and
authenticate to your
VMWare ESX web
console
Note: In this example we are connecting to VMWare ESXi 6.0 with a private IP of
192.168.1.1. The default URL is http://192.168.1.1/ui
2. Click Virtual
Machines
Click Create /
Register VM
Copyright © 2017 www.mastersof.cloud
Page: 12
3. Select Deploy a
virtual machine
from an OVF or
OVA File
Click the section
labelled ‘Click to
select files or
drag/drop’
4. Select both the
OVF and the
VMDK files from
the firmware file
downloaded from
citrix, then click
Next
Copyright © 2017 www.mastersof.cloud
Page: 13
5. Select an
appropriate
storage location
for your hypervisor
to deploy the
NetScaler VM
6. Choose the
network mappings
and disk
provisioning best
for you
Note: Disk provisioning is set to thin in this example only to save on local hypervisor
disk space.
7. Click Finish on
summary page
Copyright © 2017 www.mastersof.cloud
Page: 14
8. Click on the VM in
the VMWare list
9. Authenticate to the
VMWare console
prompt with your
VMware username
and password
10. Click on the
Console button to
get access to the
VM console
Copyright © 2017 www.mastersof.cloud
Page: 15
11. Success!
The NetScaler has
booted and is
operational
Copyright © 2017 www.mastersof.cloud
Page: 16
Initial NetScaler Setup - NSIP
Step Description Screenshot
1. Click on the
Console button to
get access to the
VM console
2. Your NetScaler
should be finished
initializing and
prompting for an
IPv4 Address as
part of the first run
wizard
Provide an
appropriate free IP
address, subnet
and default
gateway from your
local network
Once the details Note: In this guide we will use the following details for the NSIP
are entered type ‘4’ IP address: 192.168.1.50
to save and quit Subnet Mask: 255.255.255.0 (also known as /24)
and press enter to Default Gateway (internet router): 192.168.1.254
execute However you should use an appropriate IP address, netmask and gateway for your
network and specific configuration. If you are unsure consult with your network
The NetScaler will administration team.
perform a quick,
warm reboot
Copyright © 2017 www.mastersof.cloud
Page: 17
3. After reboot it will
return to the login:
prompt
Enter ‘nsroot’ as
the username
Enter ‘nsroot’ as
the password
These are the
default NetScaler
username and
password
4. Once successfully
authenticated
type ‘show ip’ and
press return
Note: This command will show you all IP addresses registered on the active
NetScaler
Tip: the NetScaler recognises short versions of the same command (provided it’s
unique) for example the command ‘sh ip’ will also work
Copyright © 2017 www.mastersof.cloud
Page: 18
5. Type ‘shell’ and
press return
Type ‘ifconfig’ and
press return
Note: you can use the shell to perform more traditional BSD based Linux commands
like ifconfig, route, ping, traceroute
6. Open your internet
browser and point
to the newly added
NSIP of your
NetScaler
Enter ‘nsroot’ as
the username
Enter ‘nsroot’ as
the password
7. Click enable or
skip on the Citrix
User Experience
Improvement
Program window
Copyright © 2017 www.mastersof.cloud
Page: 19
8. Welcome to the first
time setup config
page of the
NetScaler GUI
Note: This page shows you that you have already set a NetScaler IP address (NSIP)
which can be used for management of the NetScaler device, however you still need
to set your DNS, Time Zone, Hostname, SNIP and to add licenses
9. Click on the
Subnet IP
Address section of
the NetScaler GUI
10. Enter a Subnet IP
as appropriate for
your environment
Then click Done
Note: In this guide we will use the following details for the SNIP
IP address: 192.168.1.51
Subnet mask: 255.255.255.0 (also known as /24)
Default gateway (internet router): 192.168.1.254
However you should use an appropriate IP address, netmask and gateway for your
network and specific configuration. If you are unsure consult with your network
administration team
Note: A NetScaler will use its NSIP as a management IP address. It will utilise the
Subnet IP address (SNIP) to communicate with back end servers etc on that specific
assigned subnet
Copyright © 2017 www.mastersof.cloud
Page: 20
11. Click Host Name,
DNS IP Address
and Time Zone
section of the
NetScaler GUI
12. Enter the following
details as
appropriate for your
configuration
Hostname
DNS IP Address
Time Zone
Then click Done
Note: In this guide we will use the following details for the Hostname, DNS and
TimeZone
Hostname: ns1
DNS IP Address: 192.168.1.11 & 192.168.1.12 (the IP addresses of my singular
Active Directory LDAP servers)
Time Zone: GMT+ 00:00-GMT-Europe/London
However you should use an appropriate IP address, netmask and gateway for your
network and specific configuration. If you are unsure consult with your network
administration team
13. Click Yes
14. The Initial
Configuration of the
NetScaler is
complete
Copyright © 2017 www.mastersof.cloud
Page: 21
Download the NetScaler Trial License
Only start this section once you have deployed your NetScaler on your chosen hypervisor
platform.
Step Description Screenshot
1. Expand Step 2,
click on License
Management
System to register
your temporary
license key
2. Sign in with the
details you
registered your trial
license with
Tick the Citrix
Store NetScaler
VPX 1000... license
key
Click Continue
3. Deploy your
NetScaler and
obtain its Host ID
(MAC Address)
Log into the
NetScaler console
(user: ‘nsroot’,
pass: ‘nsroot’)
Type ‘shell’ then
press enter
Type ‘lmutil
lmhostid –ether’
then press enter
Copyright © 2017 www.mastersof.cloud
Page: 22
4. Take the Host ID
and enter that into
the Citrix licensing
console
Click continue
5. Click confirm
6. Click OK to
download the
license file(s)
7. Save the file for
later use in these
Labs
Copyright © 2017 www.mastersof.cloud
Page: 23
Install the NetScaler Trial License
Only start this section once you have deployed your NetScaler on your chosen hypervisor
platform.
Step Description Screenshot
1. When you access
your NetScaler,
and if you haven’t
yet set a SNIP or a
license you may be
presented with the
first run wizard
You can click the
‘Licenses’ section
to upload your
license file
Go to step 3 below
2. You can also
access this from
the NetScaler >
System > Licenses
menu and click
Add New License
3. Select the option to
Upload license
files
Click Browse
Copyright © 2017 www.mastersof.cloud
Page: 24
4. Browse for the
NetScaler license
file you
downloaded
previously to select
for upload
Restart your
NetScaler
Copyright © 2017 www.mastersof.cloud
Page: 25
Basic Authentication
Creating an LDAP Authentication Policy - Administrators
In this walkthrough we will create an LDAP policy for administrators of the NetScaler and
point this new policy to our singular, private, internal Microsoft AD LDAP server.
This will involve creating a server to bind to (i.e. telling the NetScaler what server to
communicate with for LDAP services) and we will create a policy that will be bound to this
newly created server record. Finally the policy and its associated server profile must be
bound to the NetScaler so it knows where and when to use this LDAP policy. We will bind
this policy globally to the NetScaler which means all users in the policy will be able to
administer the NetScaler device.
Step Description Screenshot
1. Log into your NetScaler
Expand System > Authentication >
LDAP
And click the Add button
Copyright © 2017 www.mastersof.cloud
Page: 26
2. Give the policy a Name
e.g.
‘AUTHPOL_LDAP_Administrators’
Set the Expression as ‘ns_true’
Click the + to add a new LDAP Server
to authenticate against
Tip: If you keep the naming of the policies, servers and profile
creations consistent it is much easier to find them when you
have many multiple policies created on the NetScaler
3. Give the LDAP server profile a Name.
I usually give it the imaginative name of
something like:
‘AUTHSERVER_LDAP’
Fill out the essential information for
this server profile
Note: In this guide we are using the
following recommended minimum
examples:
IP Address / or Name: 192.168.1.11
Base DN:
CN=Users,DC=Home,DC=Local
Admin Bind DN: [email protected]
(domain administrator account)
Admin Password: <password>
Search Filter: memberof= CN=Domain
Admins,CN=Users,DC=home,DC=local
Server Logon Name Attribute:
sAMAccountName
Group Attribute: memberof
Sub Attribute Name: cn
Tip: be sure to click the test connection Note: You should use appropriate LDAP details. If you are
button once you have finished the setup unsure consult with your AD/LDAP/Authentication team.
of this LDAP server profile to ensure it
connects to your LDAP server
successfully
Copyright © 2017 www.mastersof.cloud
Page: 27
4. Tip: You can connect to a Domain Examples:
Controller or any Windows machine with If I want the NetScaler to search the Users OU in AD I could
the RSAT tools installed to establish your query a user name in that OU to get their Base DN
base DN and admin bind DN by querying
the accounts using dsquery user and
dsquery group
If you need to obtain the Group details for the ‘Search Filter’
5. Click Test Connection and ensure your
LDAP server is reachable
Note: the Admin Password is not copied when you duplicate
these settings at a later stage so always be sure to re-enter
them when creating additional AUTHSERVERS
6. Click Create at the bottom of the ‘Create
Authentication LDAP Server’
Copyright © 2017 www.mastersof.cloud
Page: 28
7. Click Create on the ‘Create
Authentication LDAP Policy’ Window
8. Save the NetScaler Configuration
Click YES to the ‘Are you sure’ message
NetScaler SSH Command References:
● Create LDAP Server add authentication ldapAction AUTHSERVER_LDAP -serverIP 192.168.1.11
-ldapBase "CN=Users,DC=Home,DC=Local" -ldapBindDn
[email protected] -ldapBindDnPassword
1234561234561234561234561234561234561234561234561234561234
-encrypted -encryptmethod ENCMTHD_3 -ldapLoginName
sAMAccountName -groupAttrName memberOf -subAttributeName cn
● Create LDAP Policy add authentication ldapPolicy AUTHPOL_LDAP_Administrators ns_true
AUTHSERVER_LDAP
Copyright © 2017 www.mastersof.cloud
Page: 29
Binding an LDAP Authentication Policy - Administrators
In this walkthrough we will create a LDAP policy for administrators of the NetScaler and bind
it globally to the NetScaler
Step Description Screenshot
1. Log into your NetScaler
Expand System > Authentication >
LDAP
Tick the newly created policy and click
Global Bindings
2. Click the > button to choose your newly
created LDAP policy
Then click Select
Click Bind on the System Global
Authentication LDAP Policy Binding
Window
Click Done
Copyright © 2017 www.mastersof.cloud
Page: 30
3. Note: The LDAP Policy will have a green
tick in the Globally Bound column, which
means all members of the LDAP group
you added in the ‘Search Field’ of the
server policy will now be able to
authenticate against the NetScaler as
NetScaler system users
Copyright © 2017 www.mastersof.cloud
Page: 31
Granting AD Group Permissions to the NetScaler
In the previous step we created an LDAP policy and bound it globally to the NetScaler so
that all users who are members of the Active Directory group Domain Admins would be able
to authenticate against the NetScaler and access the WebGUI. However these users will not
have permission on the NetScaler itself to perform any administrative tasks, so we must link
the AD group to appropriate permissions on the NetScaler.
Step Description Screenshot
Example of error message when logging
in as user ‘[email protected]’
Not authorized to execute this command
[show ns license]
[show ns feature]
Note: a user name of just ‘admin’ would
also work
Here you can see that the user is able to authenticate, but not
perform any tasks on the NetScaler.
1. Log into the NetScaler as nsroot
Browse to > System > User
Administration > Groups
Click the add button
2. Type in Group Name: ‘Domain Admins’
Note: The NetScaler group name must
match the LDAP group name and is
Case SeNsiTiVE
Copyright © 2017 www.mastersof.cloud
Page: 32
3. Under Command Policies
Click Bind
Tick Sysadmin
Click Insert
Copyright © 2017 www.mastersof.cloud
Page: 33
4. Click Create
5. Users who are members of Domain
Admins group in Active Directory will now
have the sysadmin role on the NetScaler
6. A list of other roles on the NetScaler and http://docs.citrix.com/en-us/NetScaler/10-1/ns-system-wrapper-
what can be assigned are listed here on 10-con/ns-ag-aa-intro-wrapper-con/ns-ag-aa-config-users-and-
the Citrix Website grps-tsk.html
Copyright © 2017 www.mastersof.cloud
Page: 34
Creating an LDAP Authentication Policy – NetScaler Users
In this walkthrough we will create an LDAP policy for basic users of the NetScaler to
authenticate against things like a new Virtual NetScaler Gateway.
This profile however will be identical to the previous administrators policy, only we will be
looking for another AD group. Instead of ‘Domain Admins’ we will look for users who are
members of the LDAP group called ‘NetScaler Users’.
Step Description Screenshot
1. Log into your NetScaler
Expand System > Authentication >
LDAP
Click the Servers Tab
Tick the already existing
AUTHServer_LDAP
Click the Add button
Tip: Because we selected the already
created server profile the configuration
details of that profile will be automatically
copied into this new policy as ‘defaults’
Note: The LDAP bind password is not
copied when you duplicate these settings
from a previously created policy so
always be sure to re-enter them when
creating additional AUTHSERVERS and
test
Copyright © 2017 www.mastersof.cloud
Page: 35
2. Give the LDAP server profile a Name
e.g. AUTHSERVER_LDAP_NSUsers
Provide the following details of your
LDAP server:
IP Address / or Name
Base DN
Admin Bind DN
Admin Password: Be Sure to RETYPE
YOUR PASSWORD and click TEST
Server Logon Name Attribute:
sAMAccountName
Group Attribute: memberof
Sub Attribute Name: cn
Note: In this guide we are using the
following specific details as working
examples
IP Address / or Name: 192.168.1.11
Base DN:
CN=Users,DC=Home,DC=Local
Admin Bind DN: [email protected]
Admin Password: <password>
Search Filter: memberof= CN=NetScaler
Users,CN=Users,DC=home,DC=local
Note: You should use appropriate LDAP details for your
environment. If you are unsure consult with your
AD/LDAP/Authentication team.
3. Tip: You can connect to your AD Examples:
controller or any Windows machine with If you need to obtain the Group details for the ‘Search Filter’
the Remote Server Administration Tools
(RSAT) installed to establish your base
DN and admin bind DN by querying the
accounts using dsquery user and
dsquery group
Copyright © 2017 www.mastersof.cloud
Page: 36
4. Click Test Connection and ensure your
LDAP server is reachable
Note: The LDAP bind password is not copied when you
duplicate these settings from a previously created policy so
always be sure to re-enter them when creating additional
AUTHSERVERS and test
5. Click Create at the bottom of the ‘Create
Authentication LDAP Server’
6. Create another LDAP Policy to bind this
new server profile to
Click the Policies tab
Tick the existing policy
Click Add
Note: Because we selected the already
created server profile the configuration
details of that profile will be copied
freshly as a new Server Profile
Copyright © 2017 www.mastersof.cloud
Page: 37
7. Simply rename the policy to something
new like AUTHPOL_LDAP_NSUsers
Link this new policy to the previously
created server profile in steps 1-5 by
selecting
AUTHSERVER_LDAP_NSUsers from
the drop down
Leave the Expression as is: ns_true
Click Create
8. Two LDAP Authentication policies now
exist and can be used for authenticating
users on the NetScaler
Note: The Administrators policy is the
only policy presently bound to the
NetScaler
NetScaler SSH Command References:
● Create LDAP Server add authentication ldapAction AUTHSERVER_LDAP_NSUsers -serverIP
192.168.1.11 -ldapBase "CN=Users,DC=Home,DC=Local" -ldapBindDn
[email protected] -ldapBindDnPassword
1234123412341234123412341234123412341234123412341234123412341
234 -encrypted -encryptmethod ENCMTHD_3 -ldapLoginName
sAMAccountName -searchFilter "memberof= CN=NetScaler
Users,CN=Users,DC=home,DC=local" -groupAttrName memberOf
-subAttributeName cn
● Create LDAP Policy add authentication ldapPolicy AUTHPOL_LDAP_NSUsers ns_true
AUTHSERVER_LDAP_NSUsers
Copyright © 2017 www.mastersof.cloud
Page: 38
Certificates
Creating a Private RSA
Step Description Screenshot
1. Log into the
NetScaler web
interface
http://192.168.1.50
2. Expand traffic
management
Right Click SSL
And select Enable
Feature
Note: The yellow
exclamation will
disappear when the
feature is enabled
Disabled
Enabled
Copyright © 2017 www.mastersof.cloud
Page: 39
3. Expand SSL > SSL
Files > and click
the button Create
RSA Key
4. In this example we Key filename:
will enter the details gateway.jsconsulting.services.privatekey
shown: Key Size(bits)*: 2048
Public Exponent Value: F4
Then click Create Key Format: PEM
PEM Encoding Algorithm: DES3
PEM & Confirm Password: <mypassword>
Note: the larger the key size the more CPU
will be used encrypting and decrypting the
certificates
DES3 is simply DES applied 3 times (so in
theory it's more secure)
5. Note: The private key should be downloaded and stored away from the NetScaler device (especially if the
NetScaler is stored in a DMZ). This is in case the NetScaler device is compromised in any way. If your
private keys are lost or compromised you would have to revoke your existing certificates and new
certificates should be generated.
Copyright © 2017 www.mastersof.cloud
Page: 40
Creating a CSR Request
Step Description Screenshot
1. Log into the
NetScaler web
interface
http://192.168.1.50
2. Now that our
private key has
been created we
need to create a
Certificate Signing
Request and sign it
with our private key
Expand SSL > SSL
Files
Click CSRs
Then click Create
Certificate Signing
Request (CSR)
3. In our example we
will enter these
details shown:
Then click Create
Copyright © 2017 www.mastersof.cloud
Page: 41
Request File name: gateway.jsconsulting.services.csr
Key Filename: gateway.jsconsulting.services.privatekey
Key Format: PEM
PEM Passphrase: <private key password here>
Digest Method: SHA256
Common Name: gateway.jsconsulting.services
Organisation Name: JS Consulting Services
Organisational Unit: Technologies
Email Address: <your email address>
City: London
State or Province: London
Country: UNITED KINGDOM
Copyright © 2017 www.mastersof.cloud
Page: 42
4. CSR is created and
signed with the
private key all
stored on the
NetScaler in
/nsconfig/ssl
Copyright © 2017 www.mastersof.cloud
Page: 43
Submitting the CSR to a 3rd
party CA - Comodo Free SSL
We now need to take our CSR created in the previous guide and submit that to a 3rd
Party
Certificate Authority or CA to verify our CSR and provide us with a certificate response we
can combine with our CSR and generate the SSL certificate.
Step Description Screenshot
1. First we need to
download our CSR
for easy access
from the NetScaler
Expand Traffic
Management >
SSL > SSL Files >
CSRs tab
Tick the newly
created .csr file and
click Download
2. We are going to https://ssl.comodo.com/free-ssl-certificate.php
browse to comodo
and apply for a
FREE SSL
Certificate
Copyright © 2017 www.mastersof.cloud
Page: 44
3. Click the big Free
Trial SSL button
4. Open the
downloaded CSR
file from step 1 and
copy and paste
the entire contents
into the Comodo
SSL site
Select Citrix as the
Server software
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 45
5. Comodo will then
perform a domain
ownership
verification
In the example
shown to keep it
simple I will select
the registered email
address for
jsconsulting.service
s from (WHOIS)
Copyright © 2017 www.mastersof.cloud
Page: 46
6. Enter your details
for registration of
the Certificate and
for access to the
COMODO SSL Site
Copyright © 2017 www.mastersof.cloud
Page: 47
7. Read the terms
thoroughly and
Accept if you are
ready to continue
8. Validate the email
sent to your
WHOIS registered
9. Download the CSR
Files as a zip
Copyright © 2017 www.mastersof.cloud
Page: 48
Upload the CA CRT file and Install the Certificate on the
NetScaler
We will now take the CRT file and install it onto the NetScaler device, then use both the CRT
and Private key to combine and finally create a fully functional NetScaler certificate.
Step Description Screenshot
1. Expand Traffic
Management >
SSL > SSL Files
Click Upload
2. Browse for your
Certificate file
(provided by your
3rd Party CA)
Click Open
Note: The file is
uploaded to the
NetScaler but not
yet usable!
Copyright © 2017 www.mastersof.cloud
Page: 49
3. Browse to Traffic
Management >
SSL > Server
Certificates
Click Install
4. Give the new
‘Server Certificate’
a unique easily
identifiable name
Certificate File:
Choose the
Certificate you just
uploaded in step 2
Key File Name:
select your private
key file that is on
the NetScaler
Provide the private
key password
Click Install
Your certificate is
now installed and
ready to be used on
NetScaler services,
VIPs, NetScaler
gateway etc.
Copyright © 2017 www.mastersof.cloud
Page: 50
Intermediary Certificate Linking
Sometimes there can be more certificate between the server certificate and the root cert we
have created on the NetScaler and the Root CA Certificate. These certificates ‘in the middle’
are known as intermediary or subordinate certificates and form a link or ‘chain’ between the
root CA certificate and our newly created NetScaler certificate.
When some operating systems don’t have the full chain of intermediary certificates installed
(and trusted) they will display a ‘certificate invalid’ message even when the certificate itself is
valid. This is because the operating system is unable to verify your server certificate all the
way up the certificate chain to the root certificate. These certificates can be installed and
provide to the end users to greater enhance the user’s ability to connect to the NetScalers
regardless of their endpoint or client device.
Step Description Screenshot
1. Example:
Connecting to a
service or VIP on
the NetScaler
interface where we
have bound the
new Certificate
shows an error in
Chrome on Mac
OSX
Note: This will vary
between operating
system and
between CA
certificate providers
Copyright © 2017 www.mastersof.cloud
Page: 51
2. Log into the
NetScaler web
interface
http://192.168.1.50
3. Expand SSL > SSL
Files
Click SSL >
Certificates > CA
Certificates
Click Install
4. Upload the
bundled
certificate from
your 3rd
party CA
Click Install
Copyright © 2017 www.mastersof.cloud
Page: 52
5. Expand SSL > SSL
Files
Click SSL >
Certificates >
Server Certificates
Tick your newly
created server
certificate
Select Action -
‘Link’
6. Select the CA
Certificate
uploaded in step 3
Tip: The NetScaler
will automatically
select the correct /
valid certificate (if it
is installed correctly
and exists)
Copyright © 2017 www.mastersof.cloud
Page: 53
7. Repeat this step for
every certificate in
the certificate chain
including the root
certificate
Copyright © 2017 www.mastersof.cloud
Page: 54
XenApp & XenDesktop 7.14 Installation
As part of the NetScaler gateway setup we are going to create a fully self contained Citrix
XenApp and XenDesktop (referred from now on as XAXD) Delivery controller (aka Desktop
Delivery Controller – DDC).
Prerequisites
Description
● Windows 2012/2016 Server & Domain joined
● You have patched the server and installed KB2919355 - Windows RT 8.1, Windows 8.1, and
Windows Server 2012 R2 update: April 2014 (prerequisite patch)
(Note: If you download this update without updating the Operating system first it may say the patch is not
applicable – If this happens run windows updates for the first time before then try reinstalling the patch)
● Downloaded copy of XA&XD ISO from myCitrix.com website
● Local administrative rights to the W2012 Server where you are installing XA/XD
● You can avoid the locate media prompts if you extract the ISO locally for a ‘locatable’
installation post reboots
Install XA/XD Software
Step Description Screenshot
1. Log into your 2012
server
Copyright © 2017 www.mastersof.cloud
Page: 55
2. Right click and
‘mount’ the XAXD
ISO
3. Run the autoselect
4. Click start on
XenDesktop
Copyright © 2017 www.mastersof.cloud
Page: 56
5. Click Delivery
Controller
6. Read and accept
the license
agreement and
click Next
Copyright © 2017 www.mastersof.cloud
Page: 57
7. Install All Core
Components
8. Select all optional
features
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 58
9. Click Next
10. Click Install
Copyright © 2017 www.mastersof.cloud
Page: 59
11. Reboot
12. After restart it may
prompt for XD
install media – as
the ISO wont be
mounted and the
installer won't be
able to find the ISO
– simply click
cancel
Remount the ISO
(right click + mount)
Run Auto Select,
Select XenDesktop
Select Delivery
Controller
The installation will
continue
Copyright © 2017 www.mastersof.cloud
Page: 60
13. Reboot when
prompted
14. After restart it may
prompt for XD
install media – as
the ISO wont be
mounted and you
won't be able to find
the ISO – simply
click cancel
Remount the ISO
run Auto Select
Select XenDesktop
Select Delivery
Controller
The installation will
continue
Copyright © 2017 www.mastersof.cloud
Page: 61
15. Skip the Smart
Tools connection
16. At Completion,
ensure Launch
Studio is selected
and click Finish
Copyright © 2017 www.mastersof.cloud
Page: 62
Create the XA/XD Site
Step Description Screenshot
1. The Citrix Studio
will launch after
setup / install
2. Select Site Setup -
Deliver
applications and
desktops to your
users
Copyright © 2017 www.mastersof.cloud
Page: 63
3. Select Fully
Configured
In this example we
will setup the site
name as
Production
4. Select the default
Create and setup
databases from
studio
The SQL Express
setup will be
detected and
details entered
Copyright © 2017 www.mastersof.cloud
Page: 64
5. In this example we
will select the 30
day trial and
proceed with the
defaults
6. In this example as
this is a standalone
XA/XD Machine we
will not setup a
hypervisor
connection
(machine
management)
Copyright © 2017 www.mastersof.cloud
Page: 65
7. We will not install
AppDNA or –
App-V Publishing
features
These can be
added later if
required
8. Review the
summary page and
click Finish
Copyright © 2017 www.mastersof.cloud
Page: 66
Install the XA/XD VDA (Virtual Delivery Agent)
Step Description Screenshot
1. Mount the XA/XD
ISO and run
AutoSelect.exe
2. Select Prepare
Machines and
Images – Virtual
Delivery Agent for
Windows Server
OS
Copyright © 2017 www.mastersof.cloud
Page: 67
3. Select Enable
connections to a
server machine
4. Leave the defaults
and click Next
Copyright © 2017 www.mastersof.cloud
Page: 68
5. Do not select any
additional
components
Click Next
6. Select Do It
Manually for the
locations of the
delivery controller
Enter the localhost
server name for
the Controller
address (itself)
Click Test
Connection and
click Add
(next button will
only highlight after
this)
Click Next
(Note that you can
allow MCS or AD
discovery to setup
this for you
automatically and is
recommended in a
Copyright © 2017 www.mastersof.cloud
Page: 69
production
environment)
7. Select all Features
Click Next
8. Click Next
Copyright © 2017 www.mastersof.cloud
Page: 70
9. Click Install
10. Reboot when
promoted
11. Cancel the ‘locate
media’ prompts
12. Remount the ISO,
run AutoSelect,
re-select Prepare
Machines and
Images – Virtual
Delivery Agent for
Windows Server
OS
Copyright © 2017 www.mastersof.cloud
Page: 71
13. The Installation will
continue
14. Click Finish
Copyright © 2017 www.mastersof.cloud
Page: 72
Create a Machine Catalog
Step Description Screenshot
1. Once the Site has
been set up the
console will be
ready
Click Setup
machines for
desktops and
applications or
remote PC access
2. Click Next
Copyright © 2017 www.mastersof.cloud
Page: 73
3. Select Server OS
and click Next
We will install this
on the XA/XD DDC
for demo purposes
only
(not recommended
in Production)
4. As we previously
did not setup
machine
management, leave
the default options
selected
Copyright © 2017 www.mastersof.cloud
Page: 74
5. Click add
computers
Enter your server
name
add your DDC
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 75
6. Give your machine
catalog a name
and description
Click Finish
7. Click Delivery
Groups 3 – Setup
delivery groups to
assign to desktops
and applications to
your users
Copyright © 2017 www.mastersof.cloud
Page: 76
8. Click Next
9. Select the (only)
Machine Catalog
created in the
previous steps
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 77
10. Browse your AD
configuration for the
users you wish to
have permission to
launch these
desktops
In our example we
will simply choose
home\domain users
(not recommended
for production)
11. Skip the application
selection /
Publication
Copyright © 2017 www.mastersof.cloud
Page: 78
12. Assign the
desktops (for VDI)
click Add
Setup the Desktop
as follows
assigning a
display name,
description and
restrict the
desktop to
specific domain
users (in this
instance we have
again selected
Domain users)
Ensure Enable
desktop is selected
Click Next
Note: You could
also select ‘allow
everyone with
access to this
delivery group to
use a desktop’
which simplifies
permissions
management but
assumes you want
all users of this
delivery group to
have access to a
Citrix Desktop
Copyright © 2017 www.mastersof.cloud
Page: 79
13. Enter a name for
the delivery group,
enter a description
and click Finish
Copyright © 2017 www.mastersof.cloud
Page: 80
Test the Citrix Desktop Launch
Step Description Screenshot
1. Open a Browser
locally on the Citrix
server. The default
page will already be
setup and created
for you @
http://localhost/Citri
x/StoreWeb/
2. Login as a member
of the group that
has access to the
desktop published
in the previous
steps – In our
example we can log
in as any user who
is a member of
‘domain user’ (all
user accounts by
default)
Copyright © 2017 www.mastersof.cloud
Page: 81
3. Select the
Desktops Tab and
click the Server
Desktop
4. If the setup has
been successful the
Citrix desktop
session will start
Copyright © 2017 www.mastersof.cloud
Page: 82
StoreFront Configuration
Whilst the StoreFront site will already be preconfigured by the XA/XD Setup wizard, there
are some settings we need to set up in order for NetScaler to be able to connect to the
StoreFront server and launch sessions.
Prerequisites
Item Description
● You will need to know the FQDN of your NetScaler Gateway
● The internal or private IP Address of the VIP assigned to the NetScaler Gateway*
● Know the details of your Citrix Server STA (our Citrix DDC(s))
* The StoreFront server must be able directly communicate with the VIP of the NetScaler
Gateway, otherwise when the StoreFront server resolves the FQDN it will resolve the
internet IP address and potentially will not work.
Modify the Default Store
Step Description Screenshot
1. Log into Citrix
Studio
Expand Citrix
StoreFront
Select the Existing
Store ‘Store
Service’
Click Manage
NetScaler
Gateways
Copyright © 2017 www.mastersof.cloud
Page: 83
2. Click Add
Enter the Display
name and the
FQDN of the
external Gateway
URL
(In this example my
gateway FQDN is
called
‘gateway.jsconsulti
ng.services’
Click Next
3. Click Add
Enter the Name of
your DDC
In our example we
only have one
server – which is
the
http://citrixserver.ho
me.local/scripts/ctx
sta.dll
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 84
4. Enter the callback
URL of the
NetScaler Gateway
ensuring your
StoreFront server is
able to resolve the
FQDN to an
internal/private ip
address.
Click Create
5. Close the Manage
NetScaler
gateways screen
6. Ensure the
StoreFront / Citrix
server can resolve
the FQDN to the
inside IP Address
of the NetScaler
Gateway
Use locally
managed DNS if
you have the Zone
configured on your
local DNS server(s)
Or use the
Windows host file
to add a private Note: Windows host file is located in c:\windows\system32\drivers\etc\hosts and has
entry. no extension. You may need to copy it to the users desktop first, manipulate the file,
and copy it back due to Windows User Account Control (UAC)
Copyright © 2017 www.mastersof.cloud
Page: 85
7. Ensure the
StoreFront server
resolves the FQDN
to the NetScaler
inside VIP address
Note: In production environments ping may not be allowed between the NetScaler
network and the StoreFront network(s) – you need to ensure that 443 TCP is opened
and allowed through the Firewall from the StoreFront servers to the NetScaler VIP
8. Back in the Studio
expand Manage
Authentication
Methods
Copyright © 2017 www.mastersof.cloud
Page: 86
9. Ensure
Pass-through
from NetScaler
Gateway is ticked
10. Back in Studio
Select your store
and click
Configure Remote
Access Settings
Ensure you Enable
remote access
Select No VPN
Tunnel
Tick the NetScaler
Gateway
appliance listed
Click OK
Copyright © 2017 www.mastersof.cloud
Page: 87
Create a New StoreFront Store - Stand Alone
Step Description Screenshot
1. Open the Citrix
StoreFront
Console
Expand Citrix
StoreFront
Click Stores
Click Create Store
2. Click Next
Copyright © 2017 www.mastersof.cloud
Page: 88
3. Give the store a
name
Select Set this
receiver for Web
site as IIS Default
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 89
4. Click Add
On the Add
Delivery Controller
screen click Add
Add Delivery
Controllers FQDN
Untick Servers are
load balanced
Select Transport
type as HTTP
(you should use
HTTPS if the SF
server is in a DMZ
or for extra
security)
Click OK
Copyright © 2017 www.mastersof.cloud
Page: 90
5. Click Next
6. Enable Remote
Access
Ensure Allow
Users to access
resources only
delivered through
StoreFront (No
VPN Tunnel) is
selected
Click Add
Copyright © 2017 www.mastersof.cloud
Page: 91
7. Enter details for
the new gateway
Example: my
gateway is called
gateway.jsconsultin
g.services and the
URL is
https://gateway.jsco
nsulting.services
Click Next
8. On the STA Screen
Click Add
Enter the FQDN of
the Citrix XA/XD
server
Copyright © 2017 www.mastersof.cloud
Page: 92
9. Enter the FQDN of
the STA server
Click OK
10. Untick Load
balance multiple
sta servers
Tick Enable
session reliability
Untick request
tickets from two
stas, where
available
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 93
11. Enter the
NetScaler details
– Leave logon type
as domain
Enter Callback
URL as the same
entered in step 6
https://gateway.jsco
nsulting.services
Click Create
Copyright © 2017 www.mastersof.cloud
Page: 94
12. Click Finish
Copyright © 2017 www.mastersof.cloud
Page: 95
13. Ensure default
appliance is the
NetScaler
appliance created /
added in steps 1
through 12
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 96
14. Ensure that both
methods of
Authentication are
selected –
Username and
password and
Pass through
from NetScaler
Gateway
Click Next
Copyright © 2017 www.mastersof.cloud
Page: 97
15. Leave both options
ticked
Click Create
Copyright © 2017 www.mastersof.cloud
Page: 98
16. Click Finish
17. Back in the
StoreFront
console click
Receiver for Web
Sites tab and copy
your StoreFront
URL
&
Open your internet
browser and test
https://gateway.jsconsulting.services
this URL
Copyright © 2017 www.mastersof.cloud
Page: 99
NetScaler Gateway - ICA Proxy
Overview Diagram
Copyright © 2017 www.mastersof.cloud
Page: 100
Prerequisites
Item Description
● DNS is configured on the NetScaler correctly
● The internal or private IP Address of the VIP assigned to the NetScaler Gateway *
● Know the details of your Citrix Server STA (our Citrix DDC(s))
● Firewall ports are open between the NetScaler and the StoreFront server
● StoreFront already configured and setup (otherwise retrieve attributes won’t work)
In this section of the course we will connect the NetScaler to our basic Citrix XA/XD
Environment. Here you will see how quickly you can set up, secure and enable remote
access to your Citrix environment via the NetScaler Gateway.
NOTE: you must have an active Citrix XenApp/XenDesktop server and a StoreFront server
to proceed with the following steps. If not – please just follow along this guide to understand
the steps involved or follow the previous XA/XD and StoreFront setup guides.
Configure the NetScaler Gateway for XA/XD - Wizard
Step Description Screenshot
1. Log into NetScaler
GUI
2. Under Integrate
with Citrix
Products - Click
XenApp and
XenDesktop
Click Get Started
Copyright © 2017 www.mastersof.cloud
Page: 101
3. Ensure StoreFront
Is selected and
Click Continue on
the Prerequisites
NOTE: you must
have an active
Citrix
XenApp/XenDeskto
p server and a
StoreFront server
to proceed with the
following steps. If
not – please just
follow along this
guide to understand
the steps involved.
Copyright © 2017 www.mastersof.cloud
Page: 102
4. Provide the details
that are relevant to
your StoreFront
and Citrix XenApp
setup
Gateway FQDN:
gateway.jsconsultin
g.services
Gateway IP
Address: Inside
private IP address
for the Virtual
Server. (aka VIP)
Port: 443 (SSL)
Redirect: Tick this
option if you are
also forwarding http
traffic to this VIP so
the NetScaler will
redirect the users to
https.
Then click
Continue
Note: In this guide
we are using the
following specific
details as working
examples – you
should use the
appropriate settings
for your
environment
5. Because we
enabled port 80
redirection the
wizard will enable
the LoadBalancing
Feature on the
NetScaler – Click
Yes
Copyright © 2017 www.mastersof.cloud
Page: 103
6. Select the
certificate you
have previously
installed on the
NetScaler.
Note: you should
have the complete
certificate chain
installed on the
NetScaler – a later
video will go
through these steps
to ensure the
complete Certificate
chain is installed.
Click Continue
7. Keep
Authentication as
Domain
Select Use
Existing Server
Select the server
that has the
‘NSUsers’ profile
associated (will be
listed in order of
creation so usually
the second server
in the list)
Copyright © 2017 www.mastersof.cloud
Page: 104
8. Click Continue
9. Enter the details of
your StoreFront
server
The retrieve stores
button will not work
if the StoreFront
server is not
configured. You will
not be able to
proceed with this
wizard if you can't
‘retrieve store’ as
the wizard will not
let you proceed
manually
In this example our
StoreFront and
Citrix XenApp are
installed on the
same box so the
URLs can point to
the same server
10. Click Continue
Copyright © 2017 www.mastersof.cloud
Page: 105
11. On the summary
pages, now all the
basic settings have
been entered you
can click Done
Copyright © 2017 www.mastersof.cloud
Page: 106
NetScaler Unified Gateway
Prerequisites
Item Description
● DNS is configured on the NetScaler correctly
● The internal or private IP Address of the VIP assigned to the NetScaler Gateway *
● Know the details of your Citrix Server STA (our Citrix DDC(s))
● Firewall ports are open between the NetScaler and the StoreFront server
● StoreFront already configured and setup (otherwise retrieve attributes doesn't work)
In this section of the course we will connect the NetScaler to our basic Citrix XA/XD
Environment. Here you will see how quickly you can set up, secure and enable remote
access to your Citrix environment via the NetScaler Gateway.
NOTE: you must have an active Citrix XenApp/XenDesktop server and a StoreFront server
to proceed with the following steps. If not – please just follow along this guide to understand
the steps involved or follow the previous XA/XD and StoreFront setup videos.
Create the NetScaler Unified Gateway – Wizard
Step Description Screenshot
1. Log into NetScaler
Click Unified
Gateway in the Left
Pane under
‘Integrate with Citrix
Products’
Copyright © 2017 www.mastersof.cloud
Page: 107
2. Click Get Started
3. Click Continue
Copyright © 2017 www.mastersof.cloud
Page: 108
4. Enter the following
details as
appropriate for your
configuration
5. Use the existing
certificate already
installed
Click Continue
Copyright © 2017 www.mastersof.cloud
Page: 109
6. Select the
appropriate LDAP
server
Click Continue
7. Change Portal
Theme to the New
RFWebUI
(note RFWebUI
does not currently
work with SAML)
8. Click the + Icon
Copyright © 2017 www.mastersof.cloud
Page: 110
9. Select XenApp &
XenDesktop
Select Integration
point as
StoreFront
10. Enter the Details of
your XA&XD STA
and StoreFront
server URLs then
click Retrieve
Stores
Receiver for Web
Path will appear
and be validated
Click Continue
11. Click Done
Copyright © 2017 www.mastersof.cloud
Page: 111
12. You will be returned
to the Applications
Page and a
StoreFront
application will
appear
13. Click Continue
14. On the summary
page click Done
Copyright © 2017 www.mastersof.cloud
Page: 112
15. Access the Unified
Gateway Page and
check you can log
into the NetScaler
page
16. Select Clientless
Access
Click Desktops
and ensure you can
see your XA&XD
Desktops
Load the desktop to
ensure a full end to
end test is
performed
Copyright © 2017 www.mastersof.cloud
Page: 113
NetScaler Gateway - SSL VPN
Create a Basic NetScaler Gateway for SSL VPN
Prerequisites
Item Description
● NetScaler configured with IP Address, Certificates and accessible from the clients either
internally or remotely over the internet.
● Ensure Split Tunnelling is Off
● Port 443 forwarded from firewall / router to the NetScaler VIP
● Ensure the Default Authorization on the global configuration is set to allow
Step Description Screenshot
1. Check NetScaler System > Settings > Configure Basic Features
gateway feature is
enabled
2. Ensure Global
settings for NS
Gateway is set to
Allow
Copyright © 2017 www.mastersof.cloud
Page: 114
3. Expand NetScaler
Gateway
Click NetScaler
Gateway Wizard
4. A Separate Wizard
page will open
Click Get Started
Copyright © 2017 www.mastersof.cloud
Page: 115
5. Provide the details
of your new gateway
Note: my details are
provided as an
example only
6. Select the existing
Certificate already
installed on your
NetScaler
Click Continue
Copyright © 2017 www.mastersof.cloud
Page: 116
7. Select the default
authentication of
Local and Don't
select a secondary
auth method
Once the wizard has
completed create a
user called
nsgw-localuser
password:
<yourpassword>
User
Administration>
AAA Users > Add
Button
Click Continue
Copyright © 2017 www.mastersof.cloud
Page: 117
8. You may close the
dashboard that is
opened by default
after creation of the
new Gateway
9. Ensure your newly
created gateway is
added to DNS
internally or
externally (wherever
you are connecting
to it from)
Open a web
browser to the
NetScaler VIP
Login
Copyright © 2017 www.mastersof.cloud
Page: 118
10. Success!
Copyright © 2017 www.mastersof.cloud
Page: 119
Install the NS Gateway Plugin - Windows
Prerequisites
Item Description
● You should be a local administrator of the device where you are install the gateway plug-in
Step Description Screenshot
1. Ensure your newly
created gateway is
added to DNS
internally or
externally (wherever
you are connecting
to it from)
Open a web
browser to the
NetScaler VIP
Login
Copyright © 2017 www.mastersof.cloud
Page: 120
Select Network
Access
Click Download
Copyright © 2017 www.mastersof.cloud
Page: 121
Click Run
Click Install
Note: You must be
a local administrator
to install this
Software
Click Yes to any
Windows UAC
prompts
Copyright © 2017 www.mastersof.cloud
Page: 122
Click Finish
The Gateway VPN
will connect
automatically and
the web page will
display the
NetScaler VPN
Home Page.
Copyright © 2017 www.mastersof.cloud
Page: 123
Create a NetScaler Gateway Preauthentication Policy
Step Description Screenshot
1. Expand >NetScaler
Gateway > Policies
>
Preauthentication
2. Click Add
Copyright © 2017 www.mastersof.cloud
Page: 124
3. Name the policy
something like
PreAuthPol_Notepa
d-is-running
Click the + next to
Request Action
Note: you can call it
whatever you want, I
like to keep a
standard format
when creating
policies and profiles
so they are
distinguishable in
the various screens
and in the ns.conf
file as well
4. Click Create
Copyright © 2017 www.mastersof.cloud
Page: 125
5. Click Expression
Editor
Select Expression
Type of: Client
Security
Component:
Process
Name*:
notepad.exe
Operator: EXISTS
Then click Done
6. Note the expression
is automatically
created for you now
as
CLIENT.APPLICATI
ON.PROCESS(note
pad.exe) EXISTS
CLIENT.APPLICATION.PROCESS(notepad.exe) EXISTS
Copyright © 2017 www.mastersof.cloud
Page: 126
7. Click Create
8. Bind the new policy
globally
Select NetScaler
Gateway >
NetScaler Gateway
Policy Manager
9. Click the + on AAA
Global
10. Click Add Binding
Copyright © 2017 www.mastersof.cloud
Page: 127
11. Click in the Click to
Select
12. Select the only
PreAuthPolicy
available
Click Select
13. Click Bind
Copyright © 2017 www.mastersof.cloud
Page: 128
14. Click Done
15. Click Done
Copyright © 2017 www.mastersof.cloud
Page: 129
16. Browse to the
gateway and check
that before you type
in any authentication
credentials that the
EPA scan is invoked
Click Yes
17. EPA Scan with
notepad not running
Copyright © 2017 www.mastersof.cloud
Page: 130
18. EPA Scan with
notepad Running
Your users can now
authenticate
19. Authenticate against
the NetScaler page
again and then
confirm you can
access all NetScaler
resources
Configure NetScaler Gateway with Split Tunnelling
Step Description Screenshot
1. In order that our
users devices know
which network is
‘local’ and which
network is remote
we need to define
our remote network
resources
Copyright © 2017 www.mastersof.cloud
Page: 131
2. First we ensure that
split tunnelling is
enabled
NetScaler gateway
> Global Settings >
Change Global
Settings
Click the Client
experience tab
Change Split
Tunnel* to ON
Click OK
3. Expand NetScaler
gateway >
Resources >
Intranet
Applications
Click Add
Copyright © 2017 www.mastersof.cloud
Page: 132
4. Here we add the
remote networks we
want the users /
VPN tunnel to have
access to when the
Gateway client is
logged on
In this example we
will use the full
home.local network
Click Create
5. Browse back to
NetScaler gateway
> Global Settings
tab
Click Define
intranet
applications...
Copyright © 2017 www.mastersof.cloud
Page: 133
6. Click Add
7. Click the Right
Arrow (or the +
symbol next to the
Resource) to include
the new Intranet
Resources for our
Split Tunnel
Copyright © 2017 www.mastersof.cloud
Page: 134
Click OK
8. Save your
NetScaler
configuration
9. Test your VPN
connectivity
Create Authorisation Policies for NS Gateway
Step Description Screenshot
1. Expand >NetScaler
Gateway > Global
Settings > Change
Global Settings
Copyright © 2017 www.mastersof.cloud
Page: 135
2. Click Security tab
Change Default
Authorization Action
to DENY
Note: This change
will affect all
Gateways
configured on the
NetScaler that do
not specifically
reverse.
3. Expand NetScaler
Gateway > Policies
> Authorization
Policies
Click Add
4. Create a new policy
In this example we
will call it
AuthPol_VPN_192.1
68.1.1 as the only
‘destination’ this
policy will allow is to
192.168.1.1
Copyright © 2017 www.mastersof.cloud
Page: 136
5. Click Switch to
Classic Syntax
Click Expression
Editor
6. Enter the IP address
details into the
Expression Editor of
the destination IP
you want to allow
access to
Copyright © 2017 www.mastersof.cloud
Page: 137
7. Click Create
Note: the Reg
Expression has
been ‘built for you
by the editor’ you
can type these
manually if you
know the commands
(or find them online!)
8. Bind this new policy
to a NetScaler User
NetScaler Gateway
> User
Administration
>AAA Users
Select the user +
Edit
Click +
Authorization
Policies
Select the
Authorization policy
Click Bind
Tip: to bind this to
LDAP users you
must have
username locally
that matches
Copyright © 2017 www.mastersof.cloud
Page: 138
Setup NetScaler Gateway VPN to use a LDAP Authentication
Policy
Step Description Screenshot
1. Let’s Bind the
LDAP_NetScaler_U
sers policy now to
this VPN / Gateway
2. Browse to the
gateway and click
Edit
3. Click the + on Basic
Authentication
Choose LDAP as
policy
Choose Primary
Authentication
Click Continue
Copyright © 2017 www.mastersof.cloud
Page: 139
4. Select the LDAP
policy you have
created for
NetScaler Users
(and not
administrators)
5. Click Done
6. Test and confirm
7. We must create an
AAA Group and bind
an authorisation
policy to this group
Expand NetScaler
Gateway > User
Administration >
AAA Groups
Click Add
Copyright © 2017 www.mastersof.cloud
Page: 140
8. Create a group
name that
MATCHES (Case
sensitive) the AD
group specified in
the LDAP
Policy/Profile
Click OK
9. Attach the
Authorization Policy
to this group
Click +
Authorization
Policies on the right
10. Click the > to bring
up the policy
selection window
Copyright © 2017 www.mastersof.cloud
Page: 141
11. Select the
Authorization
Policy previously
created
12. Click Bind
Copyright © 2017 www.mastersof.cloud
Page: 142
13. Click Done
Copyright © 2017 www.mastersof.cloud
Page: 143
Configure NetScaler Gateway with SAML for ICA
Proxy (Federated Authentication)
Prerequisites
Description
● Citrix FAS Service installation
● XA/XD 7.6 or newer
● StoreFront 3.6 or newer (I've tested with 3.9)
● SAML Provider acting as the iDP (Google in this instance)
● NetScaler Gateway configured as the SP
● Active Directory Certificate Services
● Access to edit Windows GPOS and OUs to assign the CFAS service its service location
Create NetScaler SAML Policy to 3rd Party iDP (Google)
In this section we will create a new SAML Policy for the NetScaler to use Google as the
SAML iDP. Note: this cannot be bound to a Gateway when using the rfwebUI ‘theme’.
Step Description Screenshot
1. Connect to
admin.google.com
Copyright © 2017 www.mastersof.cloud
Page: 144
2. Click Apps
3. Click SAML Apps
4. Click the + to add a
new SAML
Application
Copyright © 2017 www.mastersof.cloud
Page: 145
5. Select Setup my
own custom app
Copyright © 2017 www.mastersof.cloud
Page: 146
6. Take note of the
IDP data you are
provided and copy
and paste your
URL
Be sure to
DOWNLOAD the
Certificate and
save this for
uploading to the
NetScaler later.
Copyright © 2017 www.mastersof.cloud
Page: 147
7. Describe your new
app
Copyright © 2017 www.mastersof.cloud
Page: 148
8. Note: the default
ACS URL for the
NetScalers must
have a trailing
/cgi/samlauth
Copyright © 2017 www.mastersof.cloud
Page: 149
9. Click Finish
Copyright © 2017 www.mastersof.cloud
Page: 150
10. Summary of the
App SSO Setup in
the Google admin
panel
11. Be sure to enable
the new Application
click the three dots
...
Select
ON for everyone
Note: this new
configuration can
take up to 24
hours to be
available. Prior to
this being ready
you may get a ‘user
not found’
message.
Copyright © 2017 www.mastersof.cloud
Page: 151
12. Note: users will
have access to a
shortcut to this new
app in their Google
Console
Copyright © 2017 www.mastersof.cloud
Page: 152
13. Upload the Google
IDP Certificate to
the NetScaler
Copyright © 2017 www.mastersof.cloud
Page: 153
14. Install the CA
Certificate
15. Here you can see
the certificate
installed as another
CA Certificate
Copyright © 2017 www.mastersof.cloud
Page: 154
16. Expand NetScaler
> Security>AAA -
Application
Traffic>Policies>A
uthentication>Bas
ic
Policies>SAML>P
olicies>Servers
Enter appropriate
details for your new
SAML profile
Note: the redirect
URL and Single
Logout URL will be
unique to your
Google account
Copyright © 2017 www.mastersof.cloud
Page: 155
17. Create a new
SAML
Authentication
Policy
set the expression
of this policy to
ns_true
Link that to the
newly created
Google SAML
Server
18. Bind this policy to
your NetScaler
Gateway
Click the + against
Basic
Authentication
Note: You may
need to remove
other
Authentication
policies (like LDAP)
from the bound
authentication
before adding the
SAML policy as the
Primary method.
Copyright © 2017 www.mastersof.cloud
Page: 156
19. Choose SAML
Choose Primary
Click Continue
20. Select the SAML
binding
21. Edit the NetScaler
Gateway Session
Profile (Session
Server) and blank
the Single Sign On
Domain field
NetScaler Gateway
> Click Session
Policies
Copyright © 2017 www.mastersof.cloud
Page: 157
22. Select the policy
and edit the profile
23. Ensure Single
Sign-on Domain is
empty
Copyright © 2017 www.mastersof.cloud
Page: 158
24. Ensure your google
email matches your
AD User Logon
Name
25. If not you can add a
new UPN for the
domain from Active
Directory Domains
and Trusts
26. Add any Additional
UPN suffix you may
require to match
your google email
sign-in
Copyright © 2017 www.mastersof.cloud
Page: 159
Install The Citrix Federated Authentication Service (CFAS)
Step Description Screenshot
1. Mount the XA/XD
ISO on your server
and select the
Federated
Authentication
Service
2. Read the license
agreement and
make your choice
3. Click Next
Copyright © 2017 www.mastersof.cloud
Page: 160
4. Click Next
5. Click Install
Copyright © 2017 www.mastersof.cloud
Page: 161
6. Click Finish
7. Create the GPO to
point the FAS
server to itself (see
step 9)
When the GPO
exists the ‘address’
field will be filled in
for you
automatically
8. Copy the Citrix
ADMX files from
C:\Program
Files\Citrix\Federa
ted Authentication
to Active Directory
c:\windows\policy
definitions
Copyright © 2017 www.mastersof.cloud
Page: 162
Service\PolicyDefini to
tions
9. Edit group policy to
have the server
point to itself for
FAS
open gpmc.msc
browse to
Computer >
Administrative
Templates:
Policy> Citrix
Components >
Authentication
Enter the DNS
server address of
the server hosting
the FAS service (as
per screenshot)
Note: the VDA(s),
the StoreFront and
the FAS server all
need to have this
policy applied
10. run gpupdate
/force
Copyright © 2017 www.mastersof.cloud
Page: 163
11. Right click the
CFAS
Administration
console and
always Run As
Administrator
12. You should now
have the CFAS
server listed
Click OK
Copyright © 2017 www.mastersof.cloud
Page: 164
13. Click on Step 1 -
Start Button
14. Click OK
15. You can verify the
creation of the
templates in ADCS
Copyright © 2017 www.mastersof.cloud
Page: 165
16. Once this is
completed without
errors click Start on
Step 2
17. Click OK
Copyright © 2017 www.mastersof.cloud
Page: 166
18. Finally click Start
on Step 3
19. Click OK
Copyright © 2017 www.mastersof.cloud
Page: 167
20. The console is
waiting for the
request to be
approved (issued)
from the AD
Certificate Services
21. Log into the ADCS
and Approve the
pending Certificate
request
Right click the
Pending request
Select All Tasks
Select Issue
Copyright © 2017 www.mastersof.cloud
Page: 168
22. Step 3 will go green
23. Click the User
Rules tab and
configure CA, CT
and Access Control
Lists if appropriate
24. Click Edit and Add
the StoreFront
Server to be able
to use the ‘rule’
Copyright © 2017 www.mastersof.cloud
Page: 169
Remove domain
computers as they
will be set to ‘deny’
25. Click Apply
Copyright © 2017 www.mastersof.cloud
Page: 170
Configure StoreFront to Delegate Authentication to NetScaler
Step Description Screenshot
1. Open Citrix Studio
or StoreFront
management
2. Select your Store
and left click
Manage
Authentication
Methods
3. Click Passthrough
from NetScaler
Gateway >
Configure
Delegated
Authentication
Copyright © 2017 www.mastersof.cloud
Page: 171
4. Click OK
5. Note: You will need
to trust requests
sent to the DDC
XML Ports for all
DDC Servers.
RDP to each
Delivery Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $true
Controller as a
Citrix or local
administrator
Open Powershell
type ‘asnp Citrix*’
type
‘Set-BrokerSite
-TrustRequestsSen
tToTheXmlService
Port $true’
6. Note: You can verify
if this was
successful by
running
get-brokersite
Copyright © 2017 www.mastersof.cloud
Page: 172
Configure NetScaler High Availability
Prerequisites
Description
● Two NetScaler devices on the same network both with NetScaler IPs (NSIPs) assigned
● The devices must be able to communicate to each other on TCP 3003
● Not have any other NetScaler devices already joined as part of an HA Pair
● On creation of the HA pair the NetScalers may temporarily disconnect active ICA sessions
● Must deploy the same firmware version on both NetScaler appliances before configuring HA
● Primary NetScaler should be set to ‘stay primary’
Copyright © 2017 www.mastersof.cloud
Page: 173
Deploy Secondary NetScaler
Step Description Screenshot
1. Power on and
deploy another
Secondary
NetScaler 11.1.x
2. Assign this device a
new NSIP (one
that’s obviously not
in use)
Then reboot the
NetScaler
3. Be sure to apply a
NetScaler license
(see Install the
NetScaler Trial
License)
You can skip the
Subnet IP Address
addition in the
Welcome wizard as
it will get this
configuration when
the HA is set up
You just need to
configure
timezone, DNS,
hostname and
Copyright © 2017 www.mastersof.cloud
Page: 174
install the trial
license
Copyright © 2017 www.mastersof.cloud
Page: 175
Setup High Availability – NetScaler 1
Step Description Screenshot
1. Log into NetScaler
1
2. (Recommended)
During the setup –
Set the
Synchronisation
state of the
Primary (First)
NetScaler as ‘Stay
Primary’
Expand System >
High Availability
Copyright © 2017 www.mastersof.cloud
Page: 176
3. Select NetScaler
Click Edit
Change HA Status
to Stay Primary
Click OK
4. Click Add
Enter the Details of
the Secondary
NetScaler
provisioned
Then click Create
Copyright © 2017 www.mastersof.cloud
Page: 177
5. Under System >
High Availability
check there are
now two NetScaler
nodes available
6. Save the config
7. Synchronisation
should read
‘Success’
Copyright © 2017 www.mastersof.cloud
Page: 178
HA Failover NetScaler 1 to NetScaler 2
Now that the NetScalers are synchronised we can fail the active / primary node over from
NS1 to NS2 and check all services are still up and running.
Step Description Screenshot
1. Log into NetScaler
1
2. Check IP
assignments on this
NetScaler are all
showing as Active
3. Check SSL
Certificates are
available on the
Secondary Node
and that they have
synchronised fully
Copyright © 2017 www.mastersof.cloud
Page: 179
4. Under System >
High Availability
select NS1 and
change High
Availability Status
to Enabled
(Actively
Participate…)
Click OK
5. Select Action >
Force Failover
6. Click OK
7. Confirm NS1 is now
the ‘secondary
node’
Copyright © 2017 www.mastersof.cloud
Page: 180
8. Connect to NS2
administration
URL
(in this example its
https://192.168.1.60
)
Ensure the device
Master State is now
Primary
9. Confirm settings
like all IPs are
active on the
NetScaler (and not
passive)
Copyright © 2017 www.mastersof.cloud
Page: 181
10. Test the Gateway
Virtual Server and
ensure the page
displays and
perform a full end
to end connection
test
Copyright © 2017 www.mastersof.cloud
Page: 182
NetScaler Load Balancing
Prerequisites
Description
● Two Web Servers (Linux or Windows) publishing a simple html page as red or blue
background - A.K.A the services you want to load balance
● New Internal Virtual IP address for the Virtual server (a load balanced VIP) on a network
● A target service that represents the application on the servers (e.g. port 80 for web traffic)
Enable the Load Balancing Feature
Step Description Screenshot
1. Expand Traffic
Management
Right click Load
Balancing
Select Enable
Feature (assuming
your NetScaler is
licensed for this)
2. The exclamation
mark should
disappear when the
feature is enabled
Copyright © 2017 www.mastersof.cloud
Page: 183
Setup Basic HTTP Load Balancing, Service Groups and
Monitors
Step Description Screenshot
1. Expand Traffic
Management
Right click Load
Balancing
Select Enable
Feature
2. Select Servers
Click Add
Enter the details of
the server
In our example we
will add
192.168.1.11 which
is a Window server
running AD, DNS
and IIS
and another IIS
server only running
on 192.168.1.12
Click Create
Note: Repeat these
steps for each
server name or IP
address you want to
load balanced
services on
Copyright © 2017 www.mastersof.cloud
Page: 184
3. Servers Added
Copyright © 2017 www.mastersof.cloud
Page: 185
4. Add your Service(s)
These are the
services you want to
bind to the servers
you added in your
previous step
for example:
Web Traffic (port 80
or 43)
DNS Traffic (port
53)
LDAP traffic on 389
or 636 (secure)
5. Change the default
monitors on these
services
Select the service >
Edit > Monitors
Copyright © 2017 www.mastersof.cloud
Page: 186
6. Click Add Binding
Select HTTP
Monitor
Keep the defaults
in the configure
monitor window
click OK
7. Optional Create a
Service group
Note: A Service
group is an easier
way to bind monitors
to these ports for
both services rather
than having to
configure it
individually on each
service
Copyright © 2017 www.mastersof.cloud
Page: 187
8. Click Traffic
Management >
Load Balancing >
Virtual Servers
Click Add
Copyright © 2017 www.mastersof.cloud
Page: 188
9. Enter the details of
the new Load
Balancing Virtual
Service
IP Address is the
Virtual IP address
you will assign to
the NetScaler and
will be the IP
address that clients
need to be able to
resolve and connect
directly to
It is this VIP that
should be added to
your DNS FQDN so
clients can resolve
the Load Balancing
service correctly
10. Choose whether to
bind services
directly or service
groups
Click either of the
following options
We will choose the
Servicegroup
`
binding
Note: Service
groups allow you to
manage multiple
groups of services
for things like
Copyright © 2017 www.mastersof.cloud
Page: 189
binding, monitoring
etc
11. Select the Service
Group created in
the previous steps -
lbsg_http_webserve
rs01_02
12. On the LBVS Click
the + on Method
Change the Load
Balancing method to
ROUNDROBIN
Click OK
Click Done
Note: You can
choose any Load
Balancing method,
we are just using
Round Robin as an
example
Copyright © 2017 www.mastersof.cloud
Page: 190
Copyright © 2017 www.mastersof.cloud
Page: 191
13. Click Done
14. Connect to the
LBVS IP Address
and you should see
that you are being
load balanced
between the servers
in the servicegroup
in a Round Robin
fashion
Copyright © 2017 www.mastersof.cloud
Page: 192
NetScaler Support
Backup NetScaler Configuration
Note when backing up the config of the NetScaler the following options will be available
‘NetScaler Basic backup’ will backup config only - for the more frequently updated files.
‘NetScaler Full backup’ will include basic backup and the /nsconfig/SSL sub directory ,
/nsconfig/license, and/nsconfig/fips directory under nsconfig and the /var/NetScaler/ssl/* and
/var/wi if you are using the Web interface on NetScaler (WIonNS)
Step Description Screenshot
From
the
Shell
1. Open PuTTy and
SSH into your
NetScaler
2. Type ‘save ns
config’
3. Type ‘command
create system
backup ‘name’
-level <basic | full
> -comment
‘string’
Example: create system backup -level full (creates backup without comment)
Example: create system backup -level full -comment “This is a Full NS Backup”
4. Confirm the backup
was completed
Type ‘show
system backup’
From
the
GUI
Copyright © 2017 www.mastersof.cloud
Page: 193
5. Open the
NetScaler GUI
6. Select System >
Backup and
Restore (last
option in the
system list)
Note: you will see
the backup already
created by the Shell
in the previous
step(s) if you
followed that
section
7. Click Backup
Copyright © 2017 www.mastersof.cloud
Page: 194
8. Enter the
information as
shown (leave
filename empty for
it to use the default
scheme again)
Click Backup
Note: Add - allows
you to upload a
previously
downloaded
NetScaler backup
tar file
9. Back in the shell
you will be able to
view both backups
using the
show system
backup command
Type ‘show
system backup’
Copyright © 2017 www.mastersof.cloud
Page: 195
Firmware Upgrade of the NetScaler HA Pair
In this section we will walk through how to perform a simple firmware upgrade of the our
Production NetScalers which are in a HA availability pair. Upgrading the Passive node first,
disabling HA sync, rebooting then confirm the device is OK before forcing a HA failover and
repeating the upgrade steps on the other NetScaler.
Step Description Screenshot
1. Download the
latest firmware for
Citrix NetScaler
VPX
2. Open a PuTTy
session and SSH
to the Passive
NetScaler and
login as nsroot
Type ‘shell’
3. browse to
/var/nsinstall by
typing
‘cd /var/nsinstall’
4. Create a new
directory called
12nsinstall
Type
‘mkdir 12nsinstall’
Copyright © 2017 www.mastersof.cloud
Page: 196
5. Open WinSCP
6. Browse to the
newly created
directory in the
WinSCP console
/var/nsinstall/12nsin
stall
Upload the
NetScaler
firmware
downloaded in step
1
7. When copying
completes
extract the tar file
type
‘tar -zxvf
./build-12.0-41.22_
ns_32.tgz’
Copyright © 2017 www.mastersof.cloud
Page: 197
8. Stop the replication set ha node -hasync disabled
between the Note: newer versions of NetScaler will do this automatically when they detect a
NetScalers Version mismatch.
9. Once extraction is
complete run the
upgrade script
type ‘./installns’
10. Reboot the
NetScaler
Type ‘y’ and press
enter / return key
11. Ensure the
NetScaler has
rebooted without
errors or issues and
then failover the
NetScalers.
From the NetScaler
shell type ‘force
HA failover’
12. Repeat all the
above steps on the
other NetScaler
(the now passive
server)
Copyright © 2017 www.mastersof.cloud
Page: 198
Clear the NetScaler Configuration
Per https://support.citrix.com/article/CTX112695/
We can clear the NS config via the GUI and the Shell.
Step Description Screenshot
From
The
GUI
1. Log into your
NetScaler web GUI
2. Expand System >
Diagnostics
Click Clear
Configuration
under
‘Maintenance’
section
3. Select Full
This will reset the
entire device
except for the NSIP
and the default
gateway (leaving
management
network
connectivity
untouched and the
device license!)
Click Clear
Copyright © 2017 www.mastersof.cloud
Page: 199
Note: Force applies
changes without
further prompts
4. You must finally
SAVE
5. Click System >
Reboot in order for
the changes to take
effect
From
the
Shell
Open a PuTTy
session to the
NetScaler shell
and
type
‘clear ns config
-force full’
Copyright © 2017 www.mastersof.cloud
Page: 200
Type ‘save ns
config’
Type ‘reboot’ and
press enter
Copyright © 2017 www.mastersof.cloud
You might also like
- Deloitte Proctored HirePro Versant Test GuideNo ratings yetDeloitte Proctored HirePro Versant Test Guide21 pages
- Week 4 Module 4 Media and Information SourcesNo ratings yetWeek 4 Module 4 Media and Information Sources22 pages
- Developer CLI Operations: Documentation (/)No ratings yetDeveloper CLI Operations: Documentation (/)14 pages
- PaperTrue - Freelance Editor Contract - Shubh Yashaswini100% (1)PaperTrue - Freelance Editor Contract - Shubh Yashaswini8 pages
- ICDL IT Security - Syllabus - V2.0 - Sample Part-Test - MSWIN7IE10 - V1 - 0No ratings yetICDL IT Security - Syllabus - V2.0 - Sample Part-Test - MSWIN7IE10 - V1 - 09 pages
- WWW Linkedhelper Com Blog Linkedin Articles ExamplesNo ratings yetWWW Linkedhelper Com Blog Linkedin Articles Examples24 pages
- Merchant Guide: Version 2.0 - November 2021No ratings yetMerchant Guide: Version 2.0 - November 202122 pages
- Anuna Confidence Nneoma-Design and Implementation of A Quiz Application For Android DeviceNo ratings yetAnuna Confidence Nneoma-Design and Implementation of A Quiz Application For Android Device76 pages
- A & E Specifications THLK-XX-XX-XX-XX Standard Capacity and High Capacity Hardware Virtual Private Network Transmission SystemNo ratings yetA & E Specifications THLK-XX-XX-XX-XX Standard Capacity and High Capacity Hardware Virtual Private Network Transmission System6 pages
- PCOE SAP Solution Manager Check Booking Template v9No ratings yetPCOE SAP Solution Manager Check Booking Template v93 pages
- IT 110 - Webpage Design and Development: "The True Story of The Internet: Browser Wars" (Reflection Paper)No ratings yetIT 110 - Webpage Design and Development: "The True Story of The Internet: Browser Wars" (Reflection Paper)3 pages
