Author Archives: Johannes Norz

About Johannes Norz

Citrix consultant, evangelist, blogger and trainer, Austria

Creating a Citrix NetScaler Test environment

last update: October 2017 (LINUX support) Creating a Citrix NetScaler Test environment Being a Citrix Certified Instructor I am very much aware of the Red/Green/Blue website used during official Citrix NetScaler training (CNS-220, CNS-222). I created my own test website. I usually use it during product demonstrations to present anything… Read more »

Citrix NetScaler Logging and policy trouble shooting

Citrix NetScaler Logging and policy trouble shooting Some times it’s quite hard to understand what’s going on. There is so much mystics about policies. And it’s even harder to understand what went on (past tense). “Johannes, there had been several problems connecting to <any blabla application here>” “I’m sorry, I… Read more »

Why do I love HDX on UDP in Citrix XenDesktop and XenApp?

Why do I love HDX on UDP in Citrix XenDesktop and XenApp? (HDX Enlightened Data Transport EDT) Well, I’m mainly a network guy. So I’ll take a look at this brand new feature from networking perspective.I’ll start from scratch, so I don’t assume you understand network protocols. But let me… Read more »

DDOS protection using Citrix NetScaler, 1st part

last update: February 21st 2018 How to protect a website using Citrix NetScaler? Well it seems to be easy. A nonsense question. We may use AppQoE (Application level Quality of Experience), a feature introduced with NetScaler version 10, so it’s quite an old feature. Let’s start. AppQoE is enterprise edition… Read more »

Selecting the correct language based on Accept-Language HTTP header using Citrix NetScaler responder policies

I recently was hired to create a web application firewall (WAF) using Citrix NetScaler to protect a SAP Hybris based e-shop. This shop has content for several languages, so we had to select the right home page. The base URL of the website was like that: https://shop.domain.com/shop/language/. SSL was optional…. Read more »

Trouble shooting Citrix NetScaler Gateway connection issues

One of the most annoying issues in Citrix NetScaler are ICA / HDX connection issues. The reason for this is the way connection issues are reported. There are two potential sources of trouble: Citrix StoreFront and Citrix NetScaer Gateway. So I will divide my blog in three sections: How to… Read more »

Doing Citrix NetScaler trace (nstrace) inside an admin-partition

I was so enthusiastic, when I found out about NetScaler admin partitions! What a great extension to existing NetScalers! However I got disillusioned finding out about limitations. It took me some time to find out how to overcome this issues, but there are still some features missing. The feature I… Read more »

Binding many NetScaler Gateways to a content switching vServer on Citrix NetScaler, Method 1

last update: November 14 /2017 Or: The power of the ANY service type This is a work around for a well-known problem in NetScaler: Binding NetScaler Gateways to content switching vServers. This solution does not follow Citrix best practices. Avoid using it, if you can! My solution will work with… Read more »

Splitting up a NetScaler site using admin partitions

(a nice but partly failed try) Complex web applications may lead to complex NetScaler configuration. And sometimes an administrator may get lost troubleshooting complex websites, especially sites using content switching. This is an example of a real world website: The portal page is assembled of several independent web applications. Each… Read more »

Changing my Citrix NetScaler VPX based website from http to https and scoring an A+ in SSL labs test

Last update: July 12 2018 This blog is about NetScaler versions up to 12. For 12.1 read here Citrix NetScaler load balancing and content switching servers will only score an C in quality labs SSL test, no matter if you use a VPX, MPX or SDX. There are several reasons for… Read more »

How to get a valide certificate for our NetScaler, if possible for free?

This is an updated blog entry. I first posted it on my old and discontinued blog at blog.com for Citrix NetScaler 10, this one is for Citrix NetScaler 11. We all know how to get a private Certificate for free: You just have to set up a Windows Server, add… Read more »