Creating a Citrix listener

  1. Select Management > Listeners.
  2. Click Add.
../../_images/listeners_add.png
  1. Select Citrix StoreFront (HTTP) from the Protocol drop-down list.
  2. In the Permissions section, add users allowed to manage this object.
  3. In the Connection section, select desired connection mode.

gateway

Note

User connects to the target host by providing its actual IP address. Fudo PAM moderates the connection with the remote host using own IP address. This option requires deploying Fudo PAM in the bridge mode.

  • Select gateway from the Mode drop-down list.
  • Select the network interface used for handling connections over this listener.

proxy

Note

  • User connects to the target host by providing Fudo PAM IP address and port number which unambiguously identifies target host.
  • Proxy mode is not supported by dynamically added hosts.
  • Select proxy from the Mode drop-down list.
  • Select the the IP address from the Local address drop-down list and enter port number.

Note

  • The Local address drop-down list elements are IP address defined in the Network configuration menu (Network interfaces configuration) or labeled IP addresses (Labeled IP addresses).
  • Selecting the Any option will result in Fudo listening on all configured IP addresses.
  • In case of cluster configuration, select a labeled IP address from the Local address drop-down list and make sure that other nodes have IP addresses assigned to this label. For more information refer to the Labeled IP addresses topic.
  • In the External address field, enter an IP address (or FQDN name) along with the port number, under which Fudo can be accessed from outside the local network.

Note

The external address is listed in user portal and it enables establishing connections from external networks.

transparent

Note

User connects to the target host by providing its actual IP address. Fudo PAM moderates the connection with the remote host using user’s IP address. This option requires deploying Fudo PAM in the bridge mode.

  • Select transparent from the Mode drop-down list.
  • Select the network interface used for handling connections over this listener.
  1. Select Use TLS option to enable encryption.
  2. Select Enable SSLv2 support to support SSL v2 encrypted connections.
  3. Select Enable SSLv3 support to support SSL v3 encrypted connections.
  4. In the TLS certificate field, click i to upload (optionally provide encryption passphrase) or i to generate TLS certificate.
  5. Click Save.

Related topics: