Citrix NetScaler Unified Gateway Series – Part 2 – Integrating your Apps and Desktops

Citrix NetScaler Unified Gateway Series – Part 2 – Integrating your Apps and Desktops

Citrix NetScaler Unified Gateway Series – Part 2 – Integrating your Apps and Desktops

This post has already been read 32233 times!

So, we are back with Part 2 of the Citrix NetScaler Unified Gateway blog series (after a little delay whilst i re-built my lab!, note to self – backups !!) and in this article I am going to walk you through integrating your Apps and Desktops into your clienteles access portal for and easier and more streamlined user experience.

In Part 1 – Citrix NetScaler Unified Gateway – Part 1 – Initial Setup I walked you through getting your unified gateway up and running and connected to your back end infrastructure.  Now in Part 2 I will walk you through integrating your apps and desktops into the clienteles access portal.

Lets get started.

So, when you log into your gateway you will see that you are shown 3 options:

Screen Shot 2016-02-11 at 19.14.12

If you choose option 3 it will take you into your apps and desktops, and option 2 will take you into your clienteles access web resources.  What if you want both ! So, if you click on option 2 currently you will get the following screen:

Screen Shot 2016-02-11 at 19.16.19

NOTE: No Access to your apps.

This is how the Citrix Wizard for Unified Gateway will configure your portal out the box.  To Change that follow these steps.

Log into your StoreFront Server and navigate to the following location


locate the file called web.config

open the file and locate the following text

<add name="X-Frame-Options" value="deny" />
<add name="Content-Security-Policy" value="frame-ancestors 'none'" />

change it to

<add name="X-Frame-Options" value="allow" />
<add name="Content-Security-Policy" value="frame-ancestors 'self'" />

NOTE: There will be 3 entries in the web.config file for this entry.  Make sure you change all of them!

New you need to change your NetScaler config.  Log into your NetScaler and Navigate to the NetScaler Gateway global settings.

Screen Shot 2016-02-11 at 19.23.29

Click on Global Settings and you will be shown all the global options for the NetScaler Gateway

Screen Shot 2016-02-11 at 19.23.41

Select “Configure Domains for Clienteles Access”

Screen Shot 2016-02-11 at 19.23.49

Select Allow Domains and add your domain to the list, click the + icon

Screen Shot 2016-02-11 at 19.31.44

You will see you domain listed, then click OK

Screen Shot 2016-02-11 at 19.31.52

Next you need to edit the session profile created by the wizard to show you the tab for Applications.  Navigate to NetScaler Gateway – Policies – Session

Screen Shot 2016-02-11 at 19.36.23

Click on Session Profiles

Screen Shot 2016-02-11 at 19.37.58

Locate the session the wizard will have created with AC_WB_ in the title

Screen Shot 2016-02-11 at 19.38.06

Double click that profile to edit it.  Then select the Published Applications tab.

Screen Shot 2016-02-11 at 19.40.46

Scroll down until you see Web Interface Portal Mode

Screen Shot 2016-02-11 at 19.41.46

Put a tick in the box and change it to Compact

Screen Shot 2016-02-11 at 19.41.55

Click OK and Save the config.

Log back into your NetScaler Unified Gateway and select the Clienteles Access option

Screen Shot 2016-02-11 at 19.43.54

On the left you should see an additional option

Screen Shot 2016-02-11 at 19.44.03

This is the option you are looking for !

Screen Shot 2016-02-11 at 19.44.12

Click on that option and you should see your apps and desktops

Screen Shot 2016-02-11 at 19.44.33

Thats it for part 2 – in part 1 we set up the Citrix NetScaler Unified Gateway and now we have integrated our apps and desktops properly into the interface.

Part 3 will include adding we resources to the gateway and SaaS services.

Hope this helps some of you out, as always comment and share.





7 thoughts on “Citrix NetScaler Unified Gateway Series – Part 2 – Integrating your Apps and Desktops

  1. Kari Ruissalo


    This was a great post. Thanks for the detailed info.

    Have you found a way to redirect users straight to the Clientless portal without displaying the Client Choices screen after logging in? I’m thinking of doing this (temporarily) using a Responder policy/action but it’s not probably the best solution for production?

      1. Kari Ruissalo

        Actually, you can accomplish this with proper values in the session policy. I found out that if you set the ICA proxy in the session policy to OFF, that will do the trick. So actually the responder wasn’t required after all (which is kind of a relief in the sense that when we update the NS firmware it might break).

  2. Luc Boulard

    I just followed your procedure, and I am facing an issue with the storefront web site. When I try to access the applications tab, it quickly shows an error message ‘cannot complete your request’ When I look in the web server log files, I get a HTTP 401 – Unauthorized: Access is denied due to invalid credentials. error message.
    When I access the site via the “Virtual App and remote access”, the page is displayed correctly, and the application’s are being launched.
    Versions used:
    – Netscaler 11.1 (build 54.14)
    – Storefront (XenApp 7.13) on windows 2012 R2 server.
    I tried to turn around the issue, but I can’t get it working.

    Any idea ?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.