We recently had a meeting with a large partner of ours and they handed down some hefty requirements. An average of 100 partners using their portal on any given month to access their development environments on the backend. It was clear that NetScaler could scale, but the question was how to keep all of those partners separated from each other, without them peeking into each others traffic. It turned out to be easier than we thought using the NetScaler as an SSL VPN with the addition of some policies bound to each partner’s user group. The following is an overview of the network diagram, and there are some deployment guides to walk you through these installations.
The Citrix SSL VPN CPS Deployment Guide walks you through deploying NetScaler SSL VPN as an ICA Proxy and authentication point. It then walks you through deploying Citrix Presentation Server and the steps necessary to connect the SSL VPN to the CPS Applications. The guide includes Session policies which direct users upon authentication to specific CPS farms on the backend of the NetScaler SSL VPN. Think of it as an authentication portal.
The Citrix SSL VPN Deployment Guide walks you through deploying NetScalers as an HA Pair, and then as an SSL VPN with ICA Proxy OFF. The intention was to use the SSL VPN for regular VPN traffic, and not Citrix Presentation Server traffic. Just as well, policies can be combined on the same NetScaler Application Switch to allow both non-CPS and CPS traffic to traverse the same SSL VPN.
Tap into the power of AppExpert