Jump to content
Welcome to our new Citrix community!

Access external Storefront without creating a gateway


Jonathan Sultzer

Recommended Posts

I am responsible for our citrix environment as a past admin no longer works with me.  To my knowledge and with netscaler historical records going back 4 years, we have never had a gateway configured.  Somehow, external access to published applications and desktops between 3 domains hosted on a single domains storefront was in production.  Netscaler is configured for load balancing and has 2 storefront servers.  1 of those 2 storefront servers went down due to a guest OS issue and now all external access has stopped.  Has anyone ever seen this kind of multi-domain setup bypassing the need for a gateway?   This has actually perplexed engineers during support calls as a gateway is needed. 

Link to comment
Share on other sites

Hi Jonathan 

 

A Citrix gateway is recommended to provide more security but not required. 
you may need to look at your load balances storefront vserver. 
look at the service group to ensure to see both storefront and confirm they are both shown as UP. 
 

thanks

Arnaud

Link to comment
Share on other sites

On 8/30/2023 at 11:08 PM, Jonathan Sultzer said:

I am responsible for our citrix environment as a past admin no longer works with me.  To my knowledge and with netscaler historical records going back 4 years, we have never had a gateway configured.  Somehow, external access to published applications and desktops between 3 domains hosted on a single domains storefront was in production.  Netscaler is configured for load balancing and has 2 storefront servers.  1 of those 2 storefront servers went down due to a guest OS issue and now all external access has stopped.  Has anyone ever seen this kind of multi-domain setup bypassing the need for a gateway?   This has actually perplexed engineers during support calls as a gateway is needed. 

 

One way for external users to access StoreFront directly without a NetScaler Gateway is use a VPN connection. Isn't that your case?

Link to comment
Share on other sites

Citrix used to support an external nat connection translation, but that was insecure and was replaced with netscaler gateway or VPN for connectivity.

 

Also you can have multiple storefronts configured behind multiple gateways or load balancers.

 

You might want to contact a Citrix support partner to help you dig through the configurations on the netscaler and storefront to give you some info.

 

I work for CDW and know our engineers could help you out with that.

Link to comment
Share on other sites

  • 2 weeks later...

Hi Jonathan

 

Take a look at your StoreFront config and under the Actions section, click on "Manage Citrix Gateways" and see what's configured there.

 

ManageCitrixGateways.png.28be1e2b51a8d26ece8a8fbbd4405a0f.png

 

You can also look in "Configure Remote Access Settings" for each Store and see how they are configured

 

Regards

 

Ken Z

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...