Jump to content
Welcome to our new Citrix community!

Multiple farms behind Netscaler


Chris Condon

Recommended Posts

We have a load balancing Netscaler 13.0 set used as a Gateway to our Citrix Apps and Desktops environment, with an external URL of oldfarm.mycompany.com.

 

We have built a new Apps and Desktops environment from the ground up to replace the old one (new delivery controllers, Storefront, everything). 

 

What we'd like to do is set up the Netscalers so that if someone goes to oldfarm.mycompany.com the Netscaler sends them to the old farm Storefront, and if they go to newfarm.mycompany,.com they are sent to the new Storefront. 

Currently, both domains are registered and the DNS entries have separate IPS, but I believe they are NATted to the same NetScaler IP (for the new farm I am using a DNS entry that was used at another time).  I'm confirming this with my network folks. 

Is there a way to do this? I can't seem to find any articles on it.

Link to comment
Share on other sites

NetScaler Responder policy can redirect browsers, but probably can't redirect Workspace app clients. For Workspace app, users need to Reset Workspace and run discovery again with the new FQDN.

 

If both DNS names go to the same VIP, then the certificate on the VIP needs to match both names. Options include: wildcard, SAN names, or SNI with multiple certs.

  • Like 1
Link to comment
Share on other sites

17 hours ago, Chris Condon said:

What we'd like to do is set up the Netscalers so that if someone goes to oldfarm.mycompany.com the Netscaler sends them to the old farm Storefront, and if they go to newfarm.mycompany,.com they are sent to the new Storefront. 
 

Hello Chris, if you want to maintain access to your oldfarm AND the newfarm FQDNs, then you need to configure different session policies for each FQDN. To match each policy you would have to check the hostname being requested by the users with something like HTTP.REQ.HOSTNAME.EQ("oldfarm.mycompany.com") or HTTP.REQ.HEADER("Host").EQ("oldfarm.mycompany.com"), these two are equivalent. Then each session policy will point to the corresponding  StoreFront servers VIP (assuming you're load balancing the SFs).

You can also use separate policies for your authentication policies, if necessary (if, for example, you have different domains for each farm), in a similar approach.

This article has a similar discussion (just avoid using the old classic policy format, "REQ.HTTP" mentioned sometimes).

https://discussions.citrix.com/topic/413141-different-url-same-gateway-different-storefront/

 

Hope it helps.

  • Like 2
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...