Jump to content
Welcome to our new Citrix community!

About Protecting Gateway Virtual Servers with WAF


Marcelo Flores

Recommended Posts

Hello Gents,

 

In the following link: https://docs.citrix.com/en-us/tech-zone/learn/poc-guides/protect-gateway-waf-bot-aaa.html#waf-protection

 

The HTTP Callout uses a dummy virtual server. This virtual server doesn’t need to be publicly available, so it can be non-addressable. The virtual server DOES need to be up, so the back end server needs to be up and responding on port 80. A new service and virtual server are created in this guide.

 

My question is: Which IP address I have to use for the server used for that service?  Could it be any?

Link to comment
Share on other sites

So dummy services there are two methods:  a) use the loopback address of 127.0.0.1 as Julian shows or b) the other way you can do this is create a service on a place holder IP such as 1.2.3.4 and disable monitoring so it is always up.

The callout vserver can then be on HTTP as a non-addressable vserver with no vip or port.  The callout is being used to intercept the web portion of the gateway so the waf/bot processing can occur.

 

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...