I am working on an LTM-APM/ Citrix integration where VDI assignments for private desktops in the DDC delivery group are being assigned based on source IP address. Since the citrix environment is not inline with the BigIP, automap is needed. This however changes the behavior for thin clients intended to be offered a private desktop since the IP being seen is the selfIP instead of the client sourceIP. I cannot find in the citrix documentation a way to utilize something like an XFF header or something within HTTP to add this functionality back in.
A few notes, storefront is not being replaced and we are proxying ICA. Everything works well aside from the issue described.
The VDI private broker desktop is being set in powershell via this command:
Set-BrokerPrivateDesktop domain\VDImachine1 -AssignedIPAddress 10.10.10.10 ..... where 10.10.10.10 is intended to be the source IP of the actual thin client machine.
Has anyone run into this and come up with a solution outside of putting the citrix servers inline with the bigip as their default gateway and disabling snat?
We could try to use Citrix SmartAccess to filter the private resources published on DDC farm.
BIGIP APM supports Citrix SmartAccess. Please refer https://www.f5.com/pdf/deployment-guides/citrix-vdi-iapp-dg.pdf.