Citrix Systems 9000 Series manual Configuring Split DNS

Page 44

Configuring the SSL VPN Client

ON: When you choose this option, Split Tunneling is enabled. The client compares the destination IP address, or port, or application name of the packets against the values configured by the SSL VPN administrator on the gateway. If one of the values match, the packets are send to the remote network via the SSL VPN tunnel. Else they are diverted to the local LAN.

OFF: When you choose this option, Split Tunneling is disabled and the cli- ent sends all traffic to the remote network via the SSL VPN tunnel.

Reverse: When you choose this option, Reverse Split Tunneling is enabled. The client compares the destination IP address, or port, or application name of the packets against the values configured by the SSL VPN admin- istrator on the gateway. If one of the values match, the client diverts the packets to the local LAN and sends the others to the remote network via the SSL VPN tunnel. This is the reverse of ON.

If Split Tunneling is disabled on the gateway, the corresponding controls on the client are disabled and you will not be able to control it. As a result, all traffic is routed through the SSL VPN tunnel. This is similar to disabling the feature on the client.

The following section covers the procedure to configure split tunneling.

1.Right-click the agent in the Windows system tray and select Configuration from the short-cut menu. The Configuration dialog box is displayed as shown in Figure 4-3.

If you are using the plug-in, click Configuration on the plug-in window. The Configuration dialog box is displayed as shown in Figure 4-3.

2.Click the Profile tab. The Profile pane is displayed. This pane displays all the configuration details of the profile such as the IP address of the SSL VPN gateway, the split tunneling setting, the build number of the system software on the gateway, etc.

3.Click Change Profile to modify the configuration details of the profile. The Change Profile dialog box is displayed as shown in Figure 4-4.

4.In the Split Tunneling group box, select OFF and click OK. The updated configuration details of the profile are displayed.

When similar subnets (or computers with identical IP addresses) exist on both the local LAN and the remote intranet, network conflicts can occur when split tunneling is enabled. This can be avoided by configuring the client appropri- ately. For details, refer section 4.2.4, “Managing Network Conflicts”.

4.2.2Configuring Split DNS

You can configure the agent to route DNS lookups (Address records only) to either local DNS servers or remote DNS servers. This setting is applicable only

4-10

SSL VPN User’s Guide

Page 43 Page 45
Image 44
Page 43 Page 45
Contents SSL VPN User’s Guide for the Windows Platform Page Page Page Contents Troubleshooting the SSL VPN Client SSL VPN Overview SSL VPN ArchitectureSSL VPN Overview System Requirements Using the SSL VPN Browser Plug-inGetting Started 1Security Alert window 2SSL VPN Login 5Browser plug-in being loaded 6Session window with the portal page in the background Using the SSL VPN Agent 7Download prompt8The Security Alert window 9SSL VPN Login 10Download Terminating the SSL VPN Session 12 PortalTerminating the Session for the Agent 13Confirmation message box16 Exit message Understanding the Data Sets Understanding the Cleanup ProcessTerminating the Session for the Browser Plug-in 18 List pane Client authentication certificate Applications that have accessed Sslvpn servicesPasswords and autocomplete data stored by browser NetScaler agent and activex browser plug-inBrowser cache cookies and temporary files Cleanup LevelCleanup Logs Using the SSL VPN Portal PortalUsing Portal Tools HomePing Pane Bookmarks PaneRemove a bookmark 3Add BookmarkFile Transfer 4Remove bookmarkTop Panel 5File TransferLeft Panel Left panel Right PanelTo log on to a file server Right panel To download a file from a remote serverTo remove a folder, subfolder, or file ThemesTo upload a file to the remote server Selecting a theme for the SSL VPN session Customizing your theme9Customize your theme Using Native Login Configuring the SSL VPN ClientConfiguring Login Settings 1Gateway Enterprise Edition dialog box Configuring Native Login 3Configuration dialog boxClick the Options tab. The Options pane is displayed Setting the SSL VPN Gateway 6Citrix Access Gateway Options dialog boxConfiguring Proxy Settings Configuring Security SettingsConfiguring a Secondary Password Configuring Interception Settings Configuring Split Tunneling8List of IP addresses, ports, and applications Configuring Split DNS Managing Domain Conflicts 9Domain conflicts caused by identical domains Managing Network Conflicts 10List of networks on the remote intranetLocal LAN Access When Split Tunneling is Disabled 11Incorrect routing of traffic due to network conflictsConfiguring the SSL VPN Client Configuring the SSL VPN Client Troubleshooting the SSL VPN Client Debugging the SSL VPN ClientSSL VPN Session Error Codes Trace TabCodes Message Explanation Action Permissions in the Windows Login failed SSL Accounts, the plug-in must Incorrect OS Version VPN Compression Statistics Connection Logs 2Compression Tab3Connection log Does SSL VPN use a client side IP address? FAQsWhy does SSL VPN not work with MS Windows 9x? What should the client do when Windows crashes? Why does NetBios not access data on my computer?Uninstalling the SSL VPN Clients Uninstalling the Browser Plug-inFigure A-2Settings dialog box Uninstalling the Agent Figure A-3Downloaded Program Files folder

9000 Series specifications

Citrix Systems is a leader in virtualization technology, known for its robust solutions that facilitate remote access and enhance productivity. One of its noteworthy offerings is the Citrix 9000 Series, which is designed to optimize application delivery and provide excellent user experiences in enterprise environments.

The Citrix 9000 Series is built on advanced technologies that ensure high performance and reliability. One of the standout features is its ability to intelligently manage and route application traffic, reducing latency and ensuring that users receive quick and efficient access to virtual applications and desktops. This is critical in today's fast-paced work environment, where every second counts regarding application response times.

Another key characteristic of the Citrix 9000 Series is its support for a wide range of protocols, including HDX (High Definition User Experience), which enhances the performance of virtual applications across various network conditions. This responsiveness ensures that graphical applications run smoothly, even in bandwidth-constrained environments, making it ideal for remote workers and those using mobile devices.

Security is a top priority for Citrix, and the 9000 Series includes several features to protect sensitive data and provide safe access to applications. With support for advanced encryption and multi-factor authentication, organizations can ensure that only authorized users access their virtualized environments. Additionally, the system offers comprehensive monitoring and analytics to help IT teams identify performance issues and potential security threats proactively.

Scalability is another significant advantage of the Citrix 9000 Series. Whether a company is expanding its workforce or requiring additional resources to manage seasonal demands, this system can efficiently scale to meet those needs. It supports a variety of workloads, from small businesses to large enterprises, which ensures that organizations can adapt and grow without needing to overhaul their entire infrastructure.

Lastly, the user experience is thoughtfully crafted in the Citrix 9000 Series. The solution provides customizable user interfaces, enabling organizations to tailor the look and feel of applications to align with corporate branding while offering a seamless experience across devices.

In conclusion, the Citrix 9000 Series combines advanced features, scalability, security, and user-centric design, making it an excellent choice for organizations looking to enhance their application delivery and remote access capabilities.
Top Page Image Contents