roger10dc_46053
Sep 09, 2010Nimbostratus
Source Network based Stream profile for Citrix Secure GW
Hello -
We have a single instance of Citrix Secure Gateway in our DMZ which users access using https://www.mycsg.com/Citrix/XenApp/
The goal is for internal users (10.0.0.0 / 8) to redirect to https://www.mycsg.com/Citrix/XenApp1/ which is setup to send the Citrix clients direct via ICA instead of HTTPS.
The BigIP virtual server must be SSL Pass Through. Any time lately that I apply an http profile the connection breaks.
I attempted the following:
when CLIENT_DATA {
Disable the stream filter by default
STREAM::disable
Check if client IP is in the datagroup
if {[matchclass [IP::client_addr] equals $::internal_net]}{
STREAM::enable
}
}
with a stream profile of:
https://www.mycsg.com/Citrix/XenApp/
https://www.mycsg.com/Citrix/XenApp1/
The connection works, but nada on the rewrite.
Thanks,