Early this year, we announced an alternative to our previously recommended IPsec Enterprise Connectivity method, Citrix Cloud Connector. This move will not only allow more control over the Mobile Application Management (MAM) settings/timeouts and MicroVPN connections, but also eliminates the need to create and route internal traffic through an IPsec Tunnel. This will result in better performance and help meet internal compliance requirements.

The introduction of Cloud Connector as our primary method to connect your datacenter with the XenMobile Service also requires a NetScaler Gateway to be hosted on-premises. Now the question becomes, “How do I setup a NetScaler Gateway and have it communicate successfully with the XenMobile Service?”

Don’t worry, we have an answer to this: The NetScaler Gateway configuration script

The NetScaler Gateway configuration script is built into the XenMobile console. The script will pull the existing LDAP configuration (Base DN & Server Name) that was configured by Cloud Connector, the NetScaler Gateway Virtual Server Name (which is filled in by what’s populated in the “Name” field), and the XenMobile Fully Qualified Domain Names.

Settings → NetScaler Gateway → Add → Export Configuration Script


After the configuration script is downloaded, it will contain 5 files:

  • Readme File – This will walk you through the steps on how to run this script along with the pre-requirements.
  • NetScaler Gateway Creation Script – This will be used to create the configuration needed to connect the on-premises NetScaler Gateway to your XenMobile Service
  • XenMobile Service Intermediate Certificate – Used to complete SSL communication back to XenMobile Service
  • XenMobile Service Root Certificate – Used to complete SSL communication back to XenMobile Service – Chained to the Intermediate
  • NetScaler Gateway Deletion Script – This will be used to remove the configuration that was created by the NetScaler Gateway Creation Script (if needed)

A few placeholders will be need to be changed within the configuration script (customer-specific settings) and then you are good-to-go to run the script on your NetScaler VPX, MPX or SDX.


If you need help configuring/running this script, our XenMobile Rapid Deployment Team will be ready to help. This goes for new customers that are getting on-boarded to XenMobile Service for the first time or existing customers that want to move the NetScaler Gateway component to their on-premise datacenter.

Take a quick look at some of the blog posts that discuss the XenMobile Service and Cloud Connector in more detail:

EMM banner