Jump to content
Welcome to our new Citrix community!

Recommended Posts

Is there a way to use a wildcard when configuring an Intranet Application using a hostname?    I have a reverse split tunnel use case where the vendor provides the external host names using wildcards.  I'm also curious because some of the vendor stated hostnames exceed the 31 character limit of an Intranet Application hostname.

 

Cheers
Chad

Link to comment
Share on other sites

13 minutes ago, Sam Jacobs said:

Are you referring to using wildcard SSL certificates?

I'm not sure I understand what you mean when you say that the vendor provides host names using wildcards.

 

Not wildcard certificates but using a wildcard when adding Intranet Applications with hostnames.    Say for example the vendor's documentation indicates they need external connectivity to the following...

 

*.vendor.com

*.vendoronline.com

*.blob.core.windows.net

ago-item-storage.s3.amazonaws.com

ago-item-storage.s3.us-east-1.amazonaws.com

 

The hope is that turning on reverse split tunnel then defining Intranet Applications hostnames would fit the bill.  I'd like to replicate the hosts with wildcards as is then perhaps use wildcards to mitigate the 31 character limit on hostnames.  I can create an Intranet Application with a * but wasn't sure if the NetScaler treats it as a wildcard.

 

Hopefully this clears up the need.   

 

BTW Sam, thank you so much for your nFactor and Login Schema talk from a few years ago.   It was extremely helpful in wrapping my brain around the concepts and getting nFactor implemented.

 

Cheers

Chad

 

Link to comment
Share on other sites

  • 1 year later...
On 4/1/2020 at 10:10 AM, Chad Myslinsky1709155299 said:

Is there a way to use a wildcard when configuring an Intranet Application using a hostname?    I have a reverse split tunnel use case where the vendor provides the external host names using wildcards.  I'm also curious because some of the vendor stated hostnames exceed the 31 character limit of an Intranet Application hostname.

 

Cheers
Chad

Hello Chad,

Have you solved this issue? I am really interested on the solution.

Regards,

Link to comment
Share on other sites

  • 5 months later...

On version 13.0 you can configure the wildcard hostname, multiple hostnames with character limit 1023. Please refer: https://docs.citrix.com/en-us/citrix-gateway/current-release/vpn-user-config/configure-plugin-connections/configure-client-interception.html

Quote
  • From release 13.0 build 36.27 and later, the Windows VPN plug-in supports host name (FQDN) based rules for split tunneling. You must upgrade both the Citrix ADC appliance and the Windows VPN plug-in to release 13.0 build 36.27 or later.
  • Wildcard host names are also supported. For example, if intranet application with host name “*.example.com” is configured, a1.example.com, b2.example.com, and so on gets tunneled.
  • Host name based intranet application works only when you have split tunneling set to ON.
  • Host name based rules are not supported for reverse split tunneling.

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...