Citrix policies are applied using as filter IP address of the client

The IP addresses defined are the ones of the endpoints who has Citrix Workspace App installed

The policy worked correctly before upgrading VDA to version 2411

However, when the VDA is upgraded to version 2411 or newer, the policies does not apply

Create the following registry key on the VDA:
[HKLM\SOFTWARE\Citrix\Ica\GroupPolicy]
"UseClientDeviceIpForPolicyFilter"=dword:00000001

Problem Cause

After implementation of  HDX-62375  with CVAD 2411, the source IP for a user's connection can vary depending on the access scenario:
- For users connecting directly to the VDA, the Client IP would be the IP of the user's endpoint device.
- For users connecting through NetScaler Gateway, the Client IP would be the NetScaler's Subnet IP (SNIP) used by the NetScaler to connect to the VDA
- For users connecting through Gateway Service without Rendezvous, the Client IP would be the IP address of the Cloud Connector used to connect to the VDA
- For users connecting through Gateway Service with Rendezvous, the Client IP would be the IP address of the Gateway Service node that the VDA connects to