Handle Netscaler AAA > "Target URL not found for redirection" after login

Citrix published a solution for this [CTX224908]; saying hit the LB first and have it populate “NSC_TASS” cookie. That might not work for all audiences. Users tend to bookmark the login page. Which happens to be AAA page. When they go back to their bookmark they hit the AAA page directly with out the “NSC_TASS” […]

Netscaler: Block Outlook Anywhere for external users

Responder Policy Action: Reset Expression: http.req.url.path.CONTAINS(“rpc”) && client.IP.SRC.IN_SUBNET(10.200.0.0/16).NOT Bind it to exchange load balance vServer. This will block access to Exchange IIS “Rpc” virtual directory (Outlook Anywhere) for devices outside 10.200.0.0/16. You can also go little beyond and create a pattern set and include owa rpc and use the pattern set in the Responder Expression. http.req.url.path.CONTAINS_ANY(“exch_ps”) […]

Applying HDX Policy's based on Access Gateway Connection

The following article illustrates how to apply certain policies (eg: disable access to local drive, printers, clipboard etc..) for users connecting from home (through Citrix Netscaler / Access Gateway) Step 1 Ensure xendesktop controllers configured to trust requests sent to the Citrix XML service. This can be done by executing the following powershell command on […]

Troubleshoot Netscaler AcessGateway autentication

tail -f /var/log/ns.log Example AAA LOGIN_FAILED 233 0 : User smulpuru – Client_ip 04.xx.158.50 – Failure_reason “External authentication server denied access” Cause due to improper configuration of LADP Authentication servers (TLS instead of SSL) Applies to Netscaler 9+ (SDX and VPX)