Jump to content
Welcome to our new Citrix community!

Is it possible to use Netscaler ADC to provide security to our API Gateway ?

Harihara Sudhan

Recommended Posts

Guest Farhan Ali

Yes , A netscaler can be put in front of the AWS API gateway and can act as a proxy and help in load balancing the request and provide the security and authentication of user as well. Some of the features that can be used are

  1. •Security ( WAF, AAA)
  2. •User choice( Responder, backup vserver, round robin methods, HA)
  3. •User Defined SSL Certificate
  4. •Can be integrated to Citrix Gateway for HTTP links

A simple use case will be


To proxy AWS APIs, use the LB/CS with Rewrite http request to --> If uri contains- citrixapigw ---> https://citrix.execute-api.us-east-1.amazonaws.com/default/lamdaFunction123

API example:

POST/api.citrix.com/citrixapigw123 -- proxies to -- POST/ citrix.execute-api.us-east-1.amazonaws.com/default/lamdaFunction123 I

Picture1.thumb.png.627cbe217c21d5a8b43e351fd89a44f3.pngNeed to add rewrite policy on the Citrix ADC

ADC should have DNS to resolve the api gateway URL

sample config:-

add rewrite action lambdatoapi replace http.req.hostname.server ""jthiofcg48.execute-api.us-east-1.amazonaws.com""

add rewrite action httptohttps replace_all "HTTP.RES.BODY(2500)" ""https"" -search "text("http")"

add rewrite policy lambdapolicy "http.req.hostname.server.eq("ec2-52-72-192-77.compute-1.amazonaws.com")" lambdatoapi

add rewrite policy pol_replace_http_with_https HTTP.REQ.IS_VALID httptohttps NOREWRITE

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...