This article describes how to configure Unified Gateway.

Use Cases

Unify remote access of all enterprise, web, cloud, SaaS and Citrix applications into a single end-to-end solution.

Introduction to Unified Gateway

Citrix NetScaler Unified Gateway (UG) is a solution to help customers deliver simplified, unified remote access to business applications deployed in the corporate datacentre or from the cloud. End users will get all the required applications under one URL. The benefits of UG are summarized below:

• Unified Remote Access Infrastructure – consolidates all remote access into a single end-to-end solution for all enterprise, web, mobile, cloud and SaaS applications, as well as Citrix applications on any device. This consolidation frees up IT resources, as well as drives operational efficiency and reduces operational costs while increasing functionality.
• One URL for Simplified Access for End Users – provides a single highly-customizable GUI for end users to access all their applications.
• Secure Single-sign On – allows integration with enterprise identity stores such as Active Directory, as well as federation with other systems through SAML.
• Unparalleled Visibility – allows for deeper enterprise security and compliance oversight by real-time, end-to-end visibility and reporting of all end-user ICA, TCP and HTTP traffic.
• Centralized and Simplified Security Policy - SmartControl, one of the new features of NetScaler, provides administrators with a simpler way to set access controls for individual XenApp and XenDesktop users based on sophisticated policies set forth by compliance requirements.

---

Instructions

Configuration Steps

NetScaler 11.0 offers a wizard to bring up a Unified Gateway solution, which hides all the complexities under it.

Step 1: Creating Virtual Server

Virtual server to which the end user connects to access internal applications is created first. This is of type SSL.
In NetScaler Management GUI, go to “Configuration” tab. In the left pane, under “Integrate with Citrix Products” section, go to “Unified Gateway”. The right pane gives the wizard welcome page. Press “Get Started” button to start configuring Unified Gateway.

Add UG virtual server to which the users will connect for accessing corporate applications.

NetScaler internally creates a content switch virtual server with this name and IP address. Also, a Gateway virtual server is automatically created which is linked to the content switch virtual server by content switch policy.

Step 2: Binding Server Certificate

Binding a server certificate to SSL server is mandatory. Server certificate is sent out by the server to browsers which use it to authenticate the server. This is required to bring the virtual server up. 

Step 3: Configuring Authentication

Authentication of end users before allowing access of network resources is a necessary step. Two-factor authentication can be configured on Gateway virtual server. “Primary authentication method” for client connections can be configured to use Active Directory/LDAP, RADIUS, or client certificate methods. “Secondary authentication method” cab be either RADIUS or Active Directory/LDAP methods.

The same credential is used to authenticate the enterprise, web, SaaS or Citrix applications configured on UG, as single-sign-on.

Step 4: Configuring Portal Theme

The UG allows customizing the portal to set the required look and feel. You can select logos, background images and colours, EULA agreements, etc. to brand the portal as per organizational standards. There are three predefined portal themes to start with – Default, Greenbubble and X1. You can create your own theme by clicking on the ‘+’ sign and selecting a template theme. 

Step 5: Adding Applications

Add enterprise, web, SaaS or Citrix applications you want to provide access to through the UG solution. In the wizard, these are divided into two types – Web applications and XenApp & XenDesktop. Applications added here will appear as preconfigured applications in the UG portal.

Select “XenApp & XenDesktop” when you want to provide access to virtual applications and desktops.
In this guide, adding web application is shown.
Select “Web Application” and click continue.

Add details of the web application you want to publish through the UG. A web application can be one of the four different types – Intranet application, Clientless access, SaaS and Preconfigured application on this NetScaler. Select appropriate action type and add application URL.
Optionally, icon of the application can also be configured by providing the location of it.
In this guide, “Intranet Application” is added.

This completes the configuration of Unified Gateway. The wizard hides the complexity of configuring the solution by internally creating the required Gateway virtual server, content switch virtual server and bindings.

For more information about Unified Gateway, please see https://docs.citrix.com/en-us/citrix-gateway/current-release/unified-gateway.html  and https://www.citrix.com/blogs/2016/03/29/configuring-xenmobile-unified-gateway

This article describes how to configure Unified Gateway.

Refer to "NetScaler: How Do I?" page for more easy to implement articles on commonly used features of NetScaler.