Author Archives: Johannes Norz

About Johannes Norz

Citrix consultant, evangelist, blogger and trainer, Austria

Setting up a NetScaler Gateway on NetScaler 11

It is quite easy to set up a NetScaler Gateway on NetScaler 11. It’s quite similar to NetScaler 10.5, but the wizard is much more powerful now! I’ll show you how to do it. Prerequisites I assume you have: a certificate in place. This certificate should be a valid certificate created… Read more »

Enabling ECDHE ciphers in NetScaler 10.5

last update: February 7th 2017 Similar but newer posts: Changing my Citrix NetScaler VPX based website from http to https and scoring an A+ in SSL labs test and Making a NetScaler Gateway on NetScaler 11 a bit more secure ECDHE Ciphers, this means, Elliptic curve Diffie–Hellman type of cyphers,… Read more »

Replacing HTTP server related information using a NetScaler policy label

It may not be the strongest security measure, but many administrators are not quite sure about HTTP headers like Server or X-Powered-By. There seems to be just one reason why this header has to be in a HTTP response: It makes life easier for a hacker. So why not just… Read more »

Hacking nsroot

      3 Comments on Hacking nsroot

Hacking nsroot on a NetScaler with default settings is completely easy! I missed this one in Neil Spelling’s excellent blog about penetration testing NetScalers. What do you need to hack a NetScaler if you forgot your nsroot password? An external authentication source. How does NetScaler authentication work? Well, NetScaler will… Read more »

Add a certificate to NetScaler’s admin page

      No Comments on Add a certificate to NetScaler’s admin page

Usually the admin page is protected by a self signed certificate. So if you surf to your NetScaler using SSL (and you always should manage your NetScaler using SSL!!!) you’ll face a certificate warning. Eventually you could consider this warning to be of no relevance. It is your NetScaler, your… Read more »

Pimping a website using NetScaler 10.5 (adding style, favicon, …)

I wanted to customise my blog, but I did not want to dig deep into wordpress. This seemed to much effort, and I don’t know if next update of WordPress would compromise my changes. I wanted to make permanent changes in a way that would survive any update. So I… Read more »

Customizing a website using NetScaler rewrite policies

In one of my previous posts I installed on my XenServer. This was not that easy, i solved all problems, however the results had not been so very good. There are 2 reasons for this: Badshop uses a java script to forward users to So it will forward… Read more »

Installing on a XenServer

      1 Comment on Installing on a XenServer

It should be easy: download the CD image and install. However you’ll end up with following message: The bootloader for this VM returned an error — did the VM installation succeed? UNSUPPORTED_INSTAL_METHOD I asked Google and found a solution: find the UUID of this machine. It’s listed on the General… Read more »

Automatically forward users of a loadbalanced StoreFront server to /Citrix/StoreWeb

This question was asked by one of my students during one of my last NetScaler CNS 207 classes. It should not be a difficult problem. So what do we need to do? rewrite requests to /Citrix/StoreWeb. filter on requests without URL specified. bind it to the load balancing server. (there… Read more »

About Johannes Norz

      6 Comments on About Johannes Norz

This is just an other Citrix- Blog. The one by Johannes Norz. Johannes Norz is a Citrix- architect, NetScaler evangelist and Citrix certified instructor, Austrian citizen, currently living in Austria, some miles south of Vienna in Baden. He holds several of the highest Citrix certifications like CCE-V (Citrix Certified Expert… Read more »