Hi friends, In this post i am going to explain that how we can use Netscaler as a gateway. Now days Netscaler is not bounded with boundaries ans this became an power full device which can perform Load balancing, End point scanning, VPN, Gateway for email servers/websites and lot more. Most of the peoples have there different point of views regarding Netscaler. Some peoples think it's an load balancing box some think it's gateway box some thing it's VPN box and lot more. Here i want to tell that it's not doing single operation now days it perform all required operations which any corporate gateway should perform. In real word i seen network guys propose lot of new boxes in front of business for there own learning which put huge cost on project\companies and due to lack of technical knowledge PM get that approved from business as well even they already have gateway box in place which can perform same operation. If you guys using Netscaler i recommend you to explore more about Netscaler functions so that you can save overall project cost. Now coming back to topic how can configure Netscaler as Gateway box.
Earlier we use IPSEC for public devices to connect via internet to our internal network devices. Now we use SSL gateway for that purpose which do three major operations during VPN connection AAA,VPN, End point scanning. AAA represent Authentication,Allow,Accounting and auditing. Authentication verifies who is trying to access the resource then allow operation check the permission and allow access and Auditing record all operation performed by authenticated user. Next step is establishing SSL-VPN connection which also add-on to corporate security with the help of certificates before that connectivity completion End point scanning operation perform which check the end user device as per defined corporate policy for example user should have latest version of antivirus, machine local name should start with XXX, Some prerequisite process should be running so that end user will not face any issue while opening application. Incase any of the above prerequisite fail during end point scanning user VPN connection would not be establish and out corporate device would remain safe.
Before start on Netscaler check some basic feature should be enabled. To check that go to System tab the click on configure basic feature then select Netscaler Gateway. See screenshot for details,
After that Navigate to Netscaler Gateway and run the Netscaler gateway wizard which is easy way to start setting up netscaler as gateway. See screenshot for details,
On next screen select the certificate which we generated for that gateway and click continue. Here select the authentication method which you want to select for users. Incase want local users then select local as authenticated method and give user details.Click continue and you virtual server would be created. To check that you can navigate to Netscaler gateway then go to Virtual server and you can see that your created Gateway Virtual server is mentioned there,
Earlier we use IPSEC for public devices to connect via internet to our internal network devices. Now we use SSL gateway for that purpose which do three major operations during VPN connection AAA,VPN, End point scanning. AAA represent Authentication,Allow,Accounting and auditing. Authentication verifies who is trying to access the resource then allow operation check the permission and allow access and Auditing record all operation performed by authenticated user. Next step is establishing SSL-VPN connection which also add-on to corporate security with the help of certificates before that connectivity completion End point scanning operation perform which check the end user device as per defined corporate policy for example user should have latest version of antivirus, machine local name should start with XXX, Some prerequisite process should be running so that end user will not face any issue while opening application. Incase any of the above prerequisite fail during end point scanning user VPN connection would not be establish and out corporate device would remain safe.
Before start on Netscaler check some basic feature should be enabled. To check that go to System tab the click on configure basic feature then select Netscaler Gateway. See screenshot for details,
After that Navigate to Netscaler Gateway and run the Netscaler gateway wizard which is easy way to start setting up netscaler as gateway. See screenshot for details,
Before start configuration please make-sure that you have below prerequisites in hand,
- Public IP address
- Digitally signed server certificate(.PFX or PEM)
- Client Certificate LDAP/Radius.TACACS/SAML/Web authentication details
Click Next and put the public IP in console and give name of virtual gateway server and select port as 443. Here there is an check box which you can select if you want to redirect automatically all incoming request for port 80 to 443 on specific URL.
Our Netscaler is configured to start using as gateway. To start using that you can login and download the Client using gateway URL or you can use client less method as well. In further articles i will explain about how we can use Netscaler Gateway for different purposes and how the configuration would be done to perform different functions.
No comments:
Post a Comment
Thanks for Messaging i will respond ASAP.