Carl Stalhood
-
Posts
26 -
Joined
-
Last visited
Content Type
Forums
Articles
Labs
Videos
TechZone
Citrix Community Articles
Events
Profiles
Everything posted by Carl Stalhood
-
HA between separate hardware models is not supported because the NICs are different. But some have reported success.
-
The newer models only support 13.1 firmware. Here's one method of migrating - https://www.carlstalhood.com/migrate-citrix-adc-config-to-new-adc-appliances/
-
MBF (Mac Based Forwarding) will send replies to the same MAC/interface/VLAN that the request came from. For Layer 3 outbound routing, NetScaler will use a SNIP on the same subnet as the next hop gateway/router. Add routes to the routing table. Another option is PBRs for traffic that have particular VIPs are source IP.
-
Each object is removed separately. Some of the objects can be shared by multiple vServers so you don't want deletion of one vServer to affect objects being used by other vServers.
-
How to disbale a vserver and servicegroup from CLI ?
Carl Stalhood replied to Sarovani CK's topic in Core ADC use cases
See https://developer-docs.netscaler.com/en-us/adc-command-reference-int/current-release/lb/lb-vserver.html#set-lb-vserver There's a disable command. And the set command has -state disabled. -
My Citrix Gateway 13.1 nFactor auth config is as follows • 1st factor – No Schema and SAML Action • 2nd factor – No schema and LDAP Action. • MFA Pingfederate : IDP & SP. Gateway 13.1 • How to SSON pass credential to the VDA without FAS
Carl Stalhood replied to Raphael Pemberton's topic in Core ADC use cases
Does your nFactor ask for user password? If so, send the user's password to StoreFront. If not, and if you don't enable FAS, then the VDA will ask the user to enter the user's password. This is separate from any password prompt at your IdP. StoreFront can show a user's icons even if the StoreFront never received the user's password because StoreFront can rely on the Gateway Callback. -
My Citrix Gateway 13.1 nFactor auth config is as follows • 1st factor – No Schema and SAML Action • 2nd factor – No schema and LDAP Action. • MFA Pingfederate : IDP & SP. Gateway 13.1 • How to SSON pass credential to the VDA without FAS
Carl Stalhood replied to Raphael Pemberton's topic in Core ADC use cases
Does your nFactor ask for user password? If so, send the user's password to StoreFront. If not, and if you don't enable FAS, then the VDA will ask the user to enter the user's password. This is separate from any password prompt at your IdP. -
What is the NetScaler hardware? Is it a VPX in a public cloud? If so, then make sure you go to the cloud's console, edit the VM, edit the NIC, and add the new IP address.
-
Go to System > Settings > Configure Modes. Enable Mac Based Forwarding. If that works, then you have a routing problem somewhere, probalby missing VLAN configuration.
-
I think large enterprises can still order new pooled capacity. And you can renew existing pooled capacity.
-
Citrix Gateway ICA Proxy allows a single protocol/port number: SSL 443 on front-end, ICA 2598 on back-end. The only internal machines that ICA Proxy connects to are Citrix VDAs. This is much more restrictive than a full VPN that allows a VPN client machine to connect to almost any internal machine on any protocol/port number.
-
Thanks. If there are separate pages for each major NetScaler version, then the 14.1 page should only have 14.1 versions.
-
Will 13.1 VPX support the latest ESX 7? Or will all ESX VPX customers be forced to upgrade to 14.1?
-
Does this mean that only 14.1 is supported on latest ESX 7? https://docs.netscaler.com/en-us/citrix-adc/current-release/deploying-vpx/supported-hypervisors-features-limitations.html
-
Why is 14.1 called Citrix ADC instead of NetScaler?
Carl Stalhood replied to Carl Stalhood's topic in Core ADC use cases
The admin login page for 14.1 also says Citrix ADC instead of NetScaler. -
Does ADM support PFX certificate files?
Carl Stalhood replied to Carl Stalhood's topic in NetScaler Console (formerly ADM)
It looks like SSL Dashboard supports PFX files. -
Does ADM support PFX certificate files?
Carl Stalhood replied to Carl Stalhood's topic in NetScaler Console (formerly ADM)
When I upload a PFX at Settings > Administration > Install Cert, it says PKCS not supported.
-
Does ADM support PFX certificate files?
-
On SDX, VPXs ask for packets per second. Where can I find the maximum value for each hardware platform?
-
Why is 14.1 called Citrix ADC instead of NetScaler?
-
I've been tasked to upgrade the NetScalers from version 13.0 to 13.1. The challenge is converting the Basic Polices to Advance Policies. There is no direct or documentation on how to do so. where can I find information on how to upgrade the policies?
Carl Stalhood replied to Jesus Qui's topic in Core ADC use cases
nspepi can convert config items that are removed from 13.1. https://github.com/citrix/ADC-scripts/blob/master/nspepi/README.md However, most classic Gateway policies still exist in 13.1. If you want to convert them now, then you do it yourself by removing all classic policies and replacing them with advanced policies. Or wait until a future release of NetScaler and its nspepi tool that will probably convert those policies. -
Is netscaler gateway eom?
Carl Stalhood replied to Christopher Stainczyk's topic in Core ADC use cases
The Gateway-only license is no longer available. The Standard Edition license is no longer available. However, Advanced Edition and Premium Edition are still available, and both include the Gateway feature. -
AAD user not needed for monitoring/licensing of ADCs. Just routing to ADCs and firewall on specific port numbers.
-
Any firewall that is inspecting outbound Internet? https://docs.netscaler.com/en-us/citrix-application-delivery-management-service/system-requirements.html#supported-ports has the URLs that need to be accessible by the ADM Agent.
-
What error or issue are you seeing? Is the ADM Agent successfully deployed?
