Jump to content
Welcome to our new Citrix community!

CVPN Bookmark URL rewrites


Recommended Posts

I'm having some getting internal web applications working properly on a CVPN portal. I'm receiving error 'HTTP/1.1 Object Not Found' when opening web application links via CVPN. 

 

I'm think the problem lies with the way CVPN is rewriting the URLs, but I'm new to ADC and can't be sure.

 

Here's an example:

 

Let say that Application has internal login URL of https://app.example.corp/login, and the CVPN portal is at https://cvpn.examplecorp.com/.

- The user logs into the CVPN portal and is presented with Internal App bookmark.

- CVPN user clicks the bookmark and is sent to  https://cvpn.examplecorp.com/cvpn/<id>, but the URL changes to https://cvpn.examplecorp.com/login. The user is able to log into the web app without issue

- CVPN user tries to open a link from the app (let's say reporting / internal url of  https://app.example.corp/reporting/) and is sent to https://cvpn.examplecorp.com/reporting, which doesn't exist.

 

I hope I explained this clearly, and thanks for the help.

 

 

 

 

Link to comment
Share on other sites

Citrix ADC (formerly NetScaler) is a proxy. It does not rewrite URLs, instead, it opens the URL for you and gives you access.

 

Following requirements have to be met:

The ADC has to be able to resolve the name to an IP

The ADC has to be able to connect to the IP

 

So my 1st step to trouble-shoot would be: Create a test-service. The name of the server should be the FQDN of the host, the proptocol of the service has to be the protocol you use (HTTP, SSL, ...). Assign a proper monitor (HTTP monitor?)

Does it show up? If yes, I'm wrong with my idea. If not: Open the service, click on "1 Service to Load Balancing Monitor Binding". You will see the result of health monitoring.

  • It may fail to resolve the host-name (continue troubleshooting DNS)
  • It may have no SNIP to connect (so your problem is a routing issue)
  • It may tell you TCP/SYN sent, no ACK received (Firewall blocking)
  • It may get an invalid HTTP response (It's an application issue)

If you don't know how to do you could follow the lab guide I have written up some month ago.

 

Greetings

 

Johannes Norz

CTA, CCI, CCE-N

 

https://blog.norz.at

Link to comment
Share on other sites

On 1/23/2021 at 12:30 PM, Martin Meier said:

How did you setup the cvpn bookmark?

 

Did you checked the „Use Citrix Gateway As a Reverse Proxy“ checkbox on the bookmark ?

 

Yes it is

 

On 1/23/2021 at 1:33 PM, Johannes Norz said:

Citrix ADC (formerly NetScaler) is a proxy. It does not rewrite URLs, instead, it opens the URL for you and gives you access.

 

Following requirements have to be met:

The ADC has to be able to resolve the name to an IP

The ADC has to be able to connect to the IP

 

So my 1st step to trouble-shoot would be: Create a test-service. The name of the server should be the FQDN of the host, the proptocol of the service has to be the protocol you use (HTTP, SSL, ...). Assign a proper monitor (HTTP monitor?)

Does it show up? If yes, I'm wrong with my idea. If not: Open the service, click on "1 Service to Load Balancing Monitor Binding". You will see the result of health monitoring.

  • It may fail to resolve the host-name (continue troubleshooting DNS)
  • It may have no SNIP to connect (so your problem is a routing issue)
  • It may tell you TCP/SYN sent, no ACK received (Firewall blocking)
  • It may get an invalid HTTP response (It's an application issue)

If you don't know how to do you could follow the lab guide I have written up some month ago.

 

Greetings

 

Johannes Norz

CTA, CCI, CCE-N

 

https://blog.norz.at

 

I think my problem is related to JS. I tried implementing this:

https://support.citrix.com/article/CTX232291

It seemed to break the ADC Gateway login page.

 

 

 

Link to comment
Share on other sites

  • 1 year later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...