If you deploy APM 11.4.1 HF2 or later, it supports using STA tokens, and thus can be used with ICA signing feature, as ICA file rewrite is not needed in this case. Here is how to do this:
Documentation notes for this feature:
- Prerequisites:
-
Citrix Web Interface (WI) site working in Gateway Direct Mode and published via Citrix Access Gateway (AGEE)
-
Configuring APM
- Virtual Server (VS) is configured to provide ICA Proxy functionality either via iApp or as described in here: http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-citrix-integration-11-3-0.html
- Additional session variable named "session.citrix.sta_servers" must be added to the policy using the "Variable Assign" agent in Visual Policy Editor
- The value of "session.citrix.sta_servers" is the same as you would enter on Web Interface:
So the assignment will normally look like this:
session.citrix.sta_servers = return {http://mysta.company.com/scripts/ctxsta.dll}
- If there is more than one STA server, the individual URLs are delimited by a semicolon