Jump to content
Welcome to our new Citrix community!

Single Content Switching virtual server for ssh connections (Redirect port 22 to severals vserver)

Recommended Posts



I'd like to configure a Virtual Server Content Switching for all my Linux servers to access ssh, actually I have configured all my Virtual Server Load Balancing, so in my example I've got two VSLB & that listen on port 22. From my LAN I can connect to those vserver.

Now what I want to do :


  • I configured a new VIP in that listen on port 22 (PUB DMZ)
  • I configured a NAT rules & an Acl that send all traffic send to my public IP address on port 22 to this VIP
  • like my https I woul'd like to create an expression that identify the vserver on which send the ssh connection


For example, I use a policy to loadbalance https on my multiples production webservers VSLB (HTTP.REQ.HOSTNAME.SET_TEXT_MODE(IGNORECASE).EQ("vname.domain.com") I setup a VIP that listen 443 and bind my different policy expression to it.


Now I would like to do the same for ssh, but I can't find a valid expression to make it :


If I request an ssh connection with the hostname "ssh1.domain.com" i would like to be redirect to vslb1 and if i request "ssh2.domain.com" I'm going to vlsb2

I think that I can start my expression with client.TCP.DSTPORT.EQ(22) but i have to add the other part of the expression that extract the DNS request


I tried client.TCP.DSTPORT.EQ(22) && HTTP.REQ.HOSTNAME.SET_TEXT_MODE(IGNORECASE).EQ("ssh1.domain.com") -> failed because attached VSLB is not compatible (i don't listen on http or https so this is normal)




Can I do something like that ? Or am I stuck to assign one port to one vserver, one pub IP for one vserver ?




Link to comment
Share on other sites



it's a TCP 22 service type, I think I have to bind TCP expression, but I don't find what to write on it :




What I want to do

  • If I try to connect to "vname.domain.com" on port 22 I'm redirected to vslb1 port 22
  • If I try to connect to "vname2.domain.com" on port 22 I'm redirected to vslb2 port 22


Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Create New...