Monday, February 20, 2012

Configuring Citrix NetScaler VPX (1000) 9.3 to redirect requests from http to https when publishing your Web Interface server

To follow up with my previous post:

Configuring Citrix NetScaler VPX (1000) 9.3 for publishing Web Interface server access by authenticating against Active Directory

One item I forgot to include was how to redirect http to https.  So say the user tries to access http://citrix.someDomain.com, the configuration shown in my previous post would throw a page cannot be displayed because the NetScaler is not configured to respond or do anything with the request.  This is probably not a sufficient configuration for an enterprise environment because end-users may not know the difference between http and https which means if they get a page cannot be displayed message, they may just assume that the site is down.

Reconfiguring the redirect is actually quite simple, begin by logging onto your NetScaler VPX’s administration page, expand the Load Balancing node and click on the Virtual Servers node:

image

Next, right click on the Virtual Servers node and click the Add option:

image

Type in a meaningful name in the Name field such as HTTP Redirect to HTTPS and fill in the IP Address field with the same VIP that you used for your HTTPS virtual server:

image

Proceed with clicking on the Advanced tab and type in the full external URL you’re using for remote users to access the login web page:

image

Click on the Create button and you’ll be brought back out to the where you’ll notice the new virtual server’s status as being Down.  This is expected behavior and when requests come into the NetScaler VPX gateway via HTTP to this IP, it will know to redirect it over to the https URL:

image

Proceed with testing the remote link via http and you should now see the portal get redirected to https:

image

1 comment:

Jeff Rainey said...

Would this work on 9.2, or does that require using a responder?