Configuring XenApp Connections By Using a XenApp Services Site
You can configure Access Gateway 5.0.2 and more recent versions to allow users to connect by using Citrix Receiver or mobile receivers that work with the Web Interface XenApp Services site. To do so, you configure the Web Interface to use XenApp Services sites. Then, on Access Gateway, you create a basic logon point and configure the logon point to use the Web Interface for authentication. When users log on, they can start published applications directly from the computer desktop or mobile device. To give users this type of access, the basic steps are:
- Create a XenApp Services site in the Web Interface, setting the fully qualified domain name (FQDN), Secure Ticket Authority (STA), and the access method. For more information, see Configuring Access Gateway to Use a XenApp Services Site.
- On Access Gateway, create a basic logon point and configure the logon point to use the Web Interface for authentication. For more information, see To configure a basic logon point on Access Gateway.
- In the basic logon point, set the XenApp Services sites as the home page. When you configure the home page, enter the full path to the config.xml file. For example, <WI-ServerName>/citrix/pnagent/config.xml.
- On Access Gateway, configure the STA and the ICA access control list. For more information, see To configure the Access Gateway appliance to use the Secure Ticket Authority and To configure ICA Access Control on the Access Gateway appliance.
If users log on to the default logon point, they only need to type in the Access Gateway FQDN in the address bar of the Web browser. If users do not log on to the default logon point, they must enter the FQDN of Access Gateway, plus the full path of the logon point. For example, users would type in https://AccessGatewayFQDN/lp/logon-point-name.
Before you configure the Web Interface to use a XenApp Services site, consider the following:
- When you configure the Web Interface to use a XenApp Services site, when users log on, their credentials are sent to the Services site for authentication. Access Gateway does not authenticate users. Citrix recommends placing the Web Interface in the DMZ if you are using a Services site.
- To use mobile devices with Access Gateway 5.0 through a XenApp Services site, you must install a minimum of Access Gateway 5.0.2.
- Access Gateway 5.0 only supports Receiver for Android 2.x, or Receiver for iPad 4.2 or more recent versions. You can only use the Web Interface for Access Gateway 5.0.
- Access Gateway Versions 5.0.2 and 5.0.3 support Receiver for Android 2.x, Receiver for iPad 4.2, and Receiver for iOS 5.0 by using either the Web Interface or XenApp Services sites.
- If you use the Web Interface, go to Receiver for Mobile Devices, find the Access Gateway configuration topic for your mobile device and then follow the steps. If using XenApp Services, use the steps described in this topic.
- When using XenApp Services sites, only single-source authentication is supported. When using the Web Interface, both single-source and double-source authentication are supported.
- You must use Web Interface 5.4, which is supported by all built-in browsers.
When you configure a XenApp Services site, when users log on, they can start published applications directly from the mobile device.
To configure Access Gateway to connect to the XenApp Services site
- In the Access Gateway Management Console, click Management.
- Under Access Control, click Logon Points.
- In the Logon Points panel, click New.
- In the Logon Points Properties dialog box, in Name, type a unique name for the logon point.
- In Type, select Basic.
- Select Authenticate with Web Interface.
- In Web Interface, type the full path to the config.xml file within the XenApp Services site and then click Save.