This article is intended for Citrix administrators and technical teams only. Non-admin users must contact their company’s Help Desk/IT support team and can refer to CTX297149 for more information.


This article describes how to configure NetScaler Gateway EPA scans to detect clients without Receiver installed and then send those clients to page with link to the Receiver download. The clients with Receiver are allowed to connect to their ICA applications.
Note: This setup will require CCU licenses, and you will need to set ICA Only to False.

Instructions

Complete the following steps to configure NetScaler Gateway EPA scans to detect Receiver on clients:

1. Navigate to Configuration > NetScaler Gateway > Policies > Session > Add.

2. Use the OPSWAT EPA editor to configure the policy expression:
   CLIENT.SYSTEM('REG-NON-NUM_HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Citrix\\Install\\ICA Client\\InstallFolder') EXISTS
   This will allow the Session Profile, which contains the ICA Proxy settings, to be applied to only clients with the Receiver installed.

3. For users without the Receiver installed, you would have to create a lower priority policy, which would have a profile that would redirect users to the Receiver download page. The following is the policy expression:
   CLIENT.SYSTEM('REG-NON-NUM_HKEY_LOCAL_MACHINE\\SOFTWARE\\Wow6432Node\\Citrix\\Install\\ICA Client\\InstallFolder') NOTEXISTS

4. Create a custom page to point to the Receiver download page. For detailed instructions, refer to CTX138850 - How to Display a Custom Error Page for Unauthorized Users When Session Policies are Bound at the Group Level on NetScaler Gateway Appliance