The Access Gateway works with the Web Interface and Secure Ticket Authority (STA) to provide authentication, authorization, and redirection to published applications hosted on a computer running Citrix XenApp or published desktops provided by Citrix XenDesktop. The Access Gateway virtual server serves as the access point through which clients access these services. The Access Gateway wizard helps you quickly create an Access Gateway virtual server for accessing resources using the SSL VPN functionality of the NetScaler. The settings that configure how users connect to the Access Gateway are as follows:
• Virtual servers
• Name service providers
• Port redirection
• Clientless access
• Clientless access for SharePoint
To create the Access Gateway virtual server, perform the following steps:
1. In the NetScaler management console, click Access Gateway and then on the right-hand pane, click Access Gateway wizard.
2. On the Access Gateway Wizard Introduction screen, click Next.
3. On the Create or choose a virtual server screen, select New and specify an IP Address, Port, and Virtual Server Name then click Next.
4. On the Specify a server certificate screen, select the appropriate certificate and click Next to continue. In this example, I am using a test certificate which points to the name access.cps.demo.
5. On the Name Service Providers screen, specify the Configured DNS Server and click Next.
6. On the Configure authentication screen, specify the LDAP server information and click Next.
7. On the Configure additional settings screen, under Configure Authentication, click Allow and under Redirect Requests for Port 80, enable Redirect to secure web address and click Next to continue.
8. On the Configure clientless access screen, accept the defaults (shown below) and click Next.
9. On the Summary screen, click Finish to create the new Access Gateway virtual server.
10. When the Access Gateway has been successfully configured, click Exit. Remember to save the configuration.
With the Access Gateway virtual server now created, we can create a web interface site and then integrate it with the Access Gateway virtual server.
What does IP address assigned when creating access gateway do? Must the IP address be the same with VIP IP address?
If you are referring to the screenshot on step #3, the IP you specify is the VIP. In my case, I was creating a new VIP using the wizard. You can certainly create your VIP before running the wizard at which point you'd select “Existing” and then select the VIP you desire.