I would like your feedback and if possible the steps that are required to implemented a recent Citrix infrastructure (Storefront 3.0 + ) with F5 network equipment doing the load-balancing and mainly the Access Policy Manager (with iApp) ? We are struggling to implement it
Our goals are:
1- Be in HTTPS from the Citrix Receiver to the F5 and to the Storefront
2 - Make sure that all traffic come and go through the F5
3 - Allow the Storefront to know the IP of the client machine with the Receiver and not having the IP of the F5 as client's IP
4 - Be able afterwards to implement SSO or other advanced features of the Receiver
So far we have a F5 configured with the iApp, that is configured to forward the IP of the client to the Storefront but the Storefront keep seeing the IP of the F5 and not the client. The traffic is in HTTP between the F5 and the Storefront. But all traffic go through the F5.
Our version of the Storefront is: 220.127.116.11
Thank you for your advices ! Let me know if you need more info
To capture client's ip you need to make your StoreFront web server x-forwarded-for header aware. To do so please refer to page 30 of XenApp deployment guide.
Did you already configured this? if so, what changes did you made on store front? I am having similar kind of issues. using APM and LTM and passing it through the Storefront 3.0.1, but it prompts me with an error message, "login expired".