Print Download PDF Send Feedback

Previous

Next

Connecting to a Citrix Server

Citrix Services

The Mobile Access Software Blade integrates the Firewall Citrix clients and services. It is not necessary to use STA (Secure Ticketing Authority) servers in a Mobile Access Security Gateway deployment because Mobile Access uses its own STA engine. You can also use Mobile Access in a deployment with STA and CSG (Citrix Secure Gateway) servers.

The Mobile Access server certificate must use a FQDN (Fully Qualified Domain Name) that is issued to the FQDN of the Mobile Access Security Gateway.

Sample Deployment with Citrix Server

This is a sample deployment of a Mobile Access Security Gateway and a Citrix web server in the DMZ. The Citrix XenApp server is connected to the internal network.

Sample_Deployment_with_Citrix_Server

Item

Description

1

Mobile devices

2

Mobile Access tunnels

3

Internet (external networks)

4

Security Gateway for the internal network

5

Mobile Access Security Gateway in the DMZ

6

Citrix web interface

7

Internal network resources

8

Citrix XenApp (MetaFrame) server

Configuring Citrix Services for Mobile Access

This procedure describes how to configure Mobile Access to let remote users connect to Citrix applications. The deployment is based on the Sample Deployment with Citrix Server.

To configure Citrix services:

  1. In SmartConsole, go to Manage & Settings > Blades.
  2. In the Mobile Access, click Configure in SmartDashboard.
  3. In the Mobile Access tab, click Applications > Citrix Services.
  4. Click New.

    The General Properties page of the Citrix Service window opens.

  5. Enter the Name for the Citrix server object.
  6. From the navigation tree, click Web Interface.
  7. Create a new object for the Citrix web interface server, in Servers, click Manage > New > Host.

    The Host Node window opens.

  8. Enter the settings for the Citrix web interface server and the click OK.
  9. In Services, select one or more of these services that the Citrix web interface server supports:
    • HTTP
    • HTTPS
  10. From the navigation tree, click Link in Portal.
  11. Configure the settings for the link to the Citrix services in the Mobile Access portal:
    • Link text - The text that is shown for the Citrix link
    • URL - The URL for the directory or subdirectory of the Citrix application
    • Tooltip - Text that is shown when the user pauses the mouse pointer above the Citrix link
  12. From the navigation tree, select Additional Settings > Single Sign On.
  13. Enable Single Sign On for Citrix services, select these options:
    • Turn on single Sign On for this application
    • Prompt users for their credentials, and store them for future use
  14. Click OK.

    The Citrix server object is added to Defined Citrix Services.

  15. From the Mobile Access navigation tree, select Policy.
  16. Add the Citrix services object to the applicable rules.
    1. Right-click on the Applications cell of a rule and select Add Applications.
    2. Select the Citrix services object.
  17. Install the policy.
25 October 2021
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2019 Check Point Software Technologies Ltd. All rights reserved.