NetScaler Gateway Clients
You are presented with a key value entry screen for configuring various properties that are sup‑
ported by Citrix Secure Access. At a minimum you must configure the Server Address and VPN
Profile Name properties. You can hover over the DESCRIPTION section to get more informa‑
tion about each property.
2. For example, select VPN Profile Name and Server Address(*) properties and click OK.
This adds the properties to the configuration designer. You can configure the following proper‑
ties.
• VPN Profile Name. Type a name for the VPN profile. If you are creating more than one
VPN profile, use a unique name for each. If you do not provide a name, the address you
enter in the Server Address field is used as the VPN profile name.
• Server Address(*). Type your NetScaler Gateway base FQDN. If your NetScaler Gateway
port is not 443, also type your port. Use URL format. For example, https://vpn.
mycompany.com:8443.
• Username (optional). Enter the user name that the end users use to authenticate to the
NetScaler Gateway. You can use the Intune config value token for this field if the gateway
is configured to use it (see config value tokens.) If you do not provide a user name, users
are prompted to provide a user name when they connect to NetScaler Gateway.
• Password (optional). Enter the password that end users use to authenticate to the
NetScaler Gateway. If you do not provide a password, users are prompted to provide a
password when they connect to NetScaler Gateway.
• Certificate Alias (optional). Provide a certificate alias in the Android KeyStore to be used
for client certificate authentication. This certificate is pre‑selectedfor users if you are using
certificate‑based authentication.
• Gateway Certificate Pins (optional). JSON object describing certificate pins
used for NetScaler Gateway. Example value: { "hash-alg": "sha256", "
pinset": ["AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=", "
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB="] }. For details, see
NetScaler Gateway certificate pinning with Android Citrix Secure Access.
• Per‑App VPN Type (optional). If you are using a per‑app VPN to restrict which apps use
this VPN, you can configure this setting.
– Ifyou select Allow, network traicfor app package names listed in the PerAppVPN app
list is routed through the VPN. The network traic of all other apps is routed outside
the VPN.
– If you select Disallow, network traic for app package names listed in the PerAppVPN
app list are routed outside the VPN. The network traic of all other apps is routed
through the VPN. Default is Allow.
© 1999–2024 Cloud Soware Group, Inc. All rights reserved. 66