Citrix Systems 9000 Series manual Managing Domain Conflicts

Page 45

Configuring the SSL VPN Client

when Split Tunneling is enabled. This setting has three options; Local, Remote, and Both.

Local: When you choose the Local option, all DNS lookups are sent to the DNS server on your local LAN. If you are connected to the Internet, the lookups are sent to your ISP’s DNS server.

Remote: When you choose the Remote option, all DNS lookups are sent to the remote DNS server via the SSL VPN tunnel.

Both: Finally, when you choose Both, the lookups are sent to both the local and remote DNS servers simultaneously. This could result in domain name conflicts. Such conflicts can be resolved by using the settings described in 4.2.3, “Managing Domain Conflicts”.

The following procedure lists the steps to configure split DNS. In this example, Split DNS is set to Both.

1.Right-click the agent in the Windows system tray and select Configuration from the short-cut menu. The Configuration dialog box is displayed as shown in Figure 4-3.

If you are using the plug-in, click Configuration on the plug-in window. The Configuration dialog box is displayed as shown in Figure 4-3.

2.Click the Profile tab. The Profile pane is displayed. This pane displays all the configuration details of the profile such as the IP address of the SSL VPN gateway, the split tunneling setting, the build number of the system software on the gateway, etc.

3.Click Change Profile to modify the configuration details of the profile. The Change Profile dialog box is displayed as shown in Figure 4-4.

4.In the DNS /WINS Lookup group box, select Both and click OK. The updated configuration details of the profile are displayed.

4.2.3Managing Domain Conflicts

The previous section covered the concept of Split DNS. In addition, it also explained the Both setting. When Split DNS is configured in the Both mode, the DNS lookups are simultaneously sent to both local and remote DNS serv- ers. As a result, there are chances of domain name conflicts if domains with the same names exist on both the remote and local networks. This can be avoided by configuring the client with domain names that might potentially cause a conflict. This is illustrated in the following example.

A remote private network has a domain named ABC.example. A client, con- necting to this network, also has a domain named ABC.example in its local network. When you type http://ABC.example in the browser window, and Split DNS is set to Both, the client performs a domain name lookup on both the

SSL VPN User’s Guide

4-11

Page 44 Page 46
Image 45
Page 44 Page 46
Contents SSL VPN User’s Guide for the Windows Platform Page Page Page Contents Troubleshooting the SSL VPN Client SSL VPN Architecture SSL VPN OverviewSSL VPN Overview Using the SSL VPN Browser Plug-in Getting StartedSystem Requirements 1Security Alert window 2SSL VPN Login 5Browser plug-in being loaded 6Session window with the portal page in the background 7Download prompt Using the SSL VPN Agent8The Security Alert window 9SSL VPN Login 10Download 12 Portal Terminating the SSL VPN Session13Confirmation message box Terminating the Session for the Agent16 Exit message Understanding the Cleanup Process Terminating the Session for the Browser Plug-inUnderstanding the Data Sets 18 List pane Applications that have accessed Sslvpn services Client authentication certificatePasswords and autocomplete data stored by browser NetScaler agent and activex browser plug-inCleanup Level Cleanup LogsBrowser cache cookies and temporary files Portal Using the SSL VPN PortalHome Using Portal ToolsPing Pane Bookmarks Pane3Add Bookmark Remove a bookmark4Remove bookmark File Transfer5File Transfer Top PanelLeft panel Right Panel Left PanelRight panel To download a file from a remote server To log on to a file serverThemes To upload a file to the remote serverTo remove a folder, subfolder, or file Customizing your theme Selecting a theme for the SSL VPN session9Customize your theme Configuring the SSL VPN Client Configuring Login SettingsUsing Native Login 1Gateway Enterprise Edition dialog box 3Configuration dialog box Configuring Native LoginClick the Options tab. The Options pane is displayed 6Citrix Access Gateway Options dialog box Setting the SSL VPN GatewayConfiguring Security Settings Configuring Proxy SettingsConfiguring a Secondary Password Configuring Split Tunneling Configuring Interception Settings8List of IP addresses, ports, and applications Configuring Split DNS Managing Domain Conflicts 9Domain conflicts caused by identical domains 10List of networks on the remote intranet Managing Network Conflicts11Incorrect routing of traffic due to network conflicts Local LAN Access When Split Tunneling is DisabledConfiguring the SSL VPN Client Configuring the SSL VPN Client Debugging the SSL VPN Client Troubleshooting the SSL VPN ClientTrace Tab SSL VPN Session Error CodesCodes Message Explanation Action Permissions in the Windows Login failed SSL Accounts, the plug-in must Incorrect OS Version VPN Compression Statistics 2Compression Tab Connection Logs3Connection log FAQs Why does SSL VPN not work with MS Windows 9x?Does SSL VPN use a client side IP address? Why does NetBios not access data on my computer? What should the client do when Windows crashes?Uninstalling the Browser Plug-in Uninstalling the SSL VPN ClientsFigure A-2Settings dialog box Figure A-3Downloaded Program Files folder Uninstalling the Agent

9000 Series specifications

Citrix Systems is a leader in virtualization technology, known for its robust solutions that facilitate remote access and enhance productivity. One of its noteworthy offerings is the Citrix 9000 Series, which is designed to optimize application delivery and provide excellent user experiences in enterprise environments.

The Citrix 9000 Series is built on advanced technologies that ensure high performance and reliability. One of the standout features is its ability to intelligently manage and route application traffic, reducing latency and ensuring that users receive quick and efficient access to virtual applications and desktops. This is critical in today's fast-paced work environment, where every second counts regarding application response times.

Another key characteristic of the Citrix 9000 Series is its support for a wide range of protocols, including HDX (High Definition User Experience), which enhances the performance of virtual applications across various network conditions. This responsiveness ensures that graphical applications run smoothly, even in bandwidth-constrained environments, making it ideal for remote workers and those using mobile devices.

Security is a top priority for Citrix, and the 9000 Series includes several features to protect sensitive data and provide safe access to applications. With support for advanced encryption and multi-factor authentication, organizations can ensure that only authorized users access their virtualized environments. Additionally, the system offers comprehensive monitoring and analytics to help IT teams identify performance issues and potential security threats proactively.

Scalability is another significant advantage of the Citrix 9000 Series. Whether a company is expanding its workforce or requiring additional resources to manage seasonal demands, this system can efficiently scale to meet those needs. It supports a variety of workloads, from small businesses to large enterprises, which ensures that organizations can adapt and grow without needing to overhaul their entire infrastructure.

Lastly, the user experience is thoughtfully crafted in the Citrix 9000 Series. The solution provides customizable user interfaces, enabling organizations to tailor the look and feel of applications to align with corporate branding while offering a seamless experience across devices.

In conclusion, the Citrix 9000 Series combines advanced features, scalability, security, and user-centric design, making it an excellent choice for organizations looking to enhance their application delivery and remote access capabilities.
Top Page Image Contents