Netscaler 10.5 and Storefront 2.5.2 Configuration 13 Comments

Citrix Netscaler 10.5 is out since a couple of weeks now, and if you want to read what's new about this new release just click on the [link] because there are so many things I won't list everything here. I will use this blog to refresh the "how to" I already did about Netscaler and I will go through the basic setup, certificate request, import and Access Gateway configuration to plug my XenDesktop 7.5 lab. First, you need to download your Netscaler (download if you're using a VPX appliance). You can find the appliance corresponding to your hypervizor : vmware ESX Microsoft Hyper-V Citrix XenServer KVM You can download it here : [link] - myCitrix account is required One you boot up the appliance, after give the basic information like IP address, subnet and getway, you can fireup the GUI through your favorite browser. You need to logon and follow the step by step screenshots : The basic configuration is done. now time to add a certificate for the Access Gateway, creating a private key, a CSR and finally importing the pem certificate.   Don't forget to change the nsroot password. Now the certificate part is done (thanks to Digicert for my lab) you can go ahead to the next step and configure your Strorefront server to create a new store ready to connect with the Netscaler Access Gateway. Storefront part is easy and quick to do, you can now continue by creating the Access Gateway using the new wizard and following these steps : Here you go, just a reboot to have the Access Gateway up and running. I had few issue in the end with Application Firewall with Google Chrome and Safari from a Mac OSx computer, you need to enable the learning mode to check what need to be change in Application Firewall rules and allow connexion to you Access Gateway. You can customize the Netscaler Access Gateway logon page and your Storefront very easily, Eric one of my CTP friends did a very short and nice blog about that [link] and a very detailed blog written by Feng Huang Citrite here [link] This blog will give you a good overview on what needs to be done to set up an Access Gateway with Storefront, for those who don't have time to make test, now you know !

Cloudify my lab with Windows Azure 13 Comments

As I got an unlimited access to Windows Azure I wanted to check out how I could extend my lab into it and use it to store VMs workload (at first). Here what you need : Citrix NetScaler VPX (tested with NS10.1: Build 122.17.nc & NS10.1: Build 123.9.nc) Windows Azure Access Homelab (running on vSphere 5.5) Of course, you need licence for everything... Considerations : Before configuring a CloudBridge tunnel between a CloudBridge appliance in datacenter and  Microsoft Azure, consider the following points: The CloudBridge appliance must have a public facing IPv4 address (type SNIP) to use as a tunnel end-point address for the CloudBridge tunnel. Also, the CloudBridge appliance should not be behind a NAT device. (or you'll have to setup a route for your LAN computers, I'm explaining how to at the end of this blog) Azure supports the following IPSec settings for a CloudBridge tunnel. Therefore, you must specify the same IPSec settings while configuring the CloudBridge appliance for the CloudBridge tunnel. IKE version = v1 Encryption algorithm = AES Hash algorithm = HMAC SHA1  You must configure the firewall in the datacenter edge to allow the following. Any UDP packets for port 500 Any UDP packets for port 4500 Any ESP (IP protocol number 50) packets IKE re-keying, which is renegotiation of new cryptographic keys between the CloudBridge tunnel end points to establish new SAs, is not supported. When the Security Associations  (SAs) expire, the tunnel goes into the DOWN state. Therefore, you must set a very large value for the lifetimes of SAs. You must configure Microsoft Azure before specifying the tunnel configuration on the CloudBridge appliance, because the public IP address of the Azure end (gateway) of the tunnel, and the PSK, are automatically generated when you set up the tunnel configuration in Azure. You need this information for specifying the tunnel configuration on the CloudBridge appliance. First thing first, you need to use your Windows Azure account and follow the next step to begin to configure the IPSec tunnel by creating a local network In the left pane, click NETWORKS. In the lower left-hand corner of the screen, click + NEW. In the NEW navigation pane, click NETWORK, then click VIRTUAL NETWORK, and then click ADD LOCAL NETWORK. In the ADD A LOCAL NETWORK wizard, in the specify your local network details screen, set the following parameters: NAME  VPN DEVICE IP ADDRESS In the lower right corner of the screen,…

Now the final release of XenServer 5.5 is available for download ( https://www.citrix.com/English/ss/downloads/results.asp?productID=683148 with you MyCitrix account ) I had to upgrade my XenServer 5.5 beta 1 to this new release. My first step was to download all iso files and XenCenter 5.5, the I began with and upgrade of XenCenter, and the problem I had once everything was install, that didn't work... The XenCenter console disn't show up, the I choose to uninstall everything and delete the folder in "c:\program files\Citrix\XenCenter" and proceed the setup again. It did the trick. Then I was able to use this console to shutdown all the virtual computers, and then you can watch this quikc video to check what's happen during an upgrade of XenServer, it's quite simple but if you don't have the opportunity to see it at least you'll know how it looks like. [flash medium=7]

[Issues at the end of this post...] Here it is ! Full of promizes, and full of new options we are all waiting for. Let me tell you first, this is BETA release from Citrix, so don't complain to me or to Citrix if you crash your production servers, you have to run test and wait for the final new release. You can access the whole stuff from your MyCitrix account in Tech/Beta preview of XenServer. You have to download the two isos files, the proper license file and XenCenter (there is a new 5.5 version). To perfom this update just boot on the CD you just download and follow the instruction on the screen, this is what I did in the next video : [flash medium=6] Once it's done, just reboot and you did it ! Now let's me show you some of the new things I saw, I will come back later on it with a full report, it's sunday and I'm suppose to stop to geeking around during the week end :) Edit : later in the afternoon... First issue : The network didn't work at all on the new XenServer 5.5 Beta 1. I wasn't able to ping it and wasn't able to ping from it. Weird behave, it looks like the system doesn't have the parameters showing in the console recorded in the network configuration file. First try was the good, just reconfigure the network management card with the same parameters as before, so the configuration will be record again in the filesystem. BUT I DIDN'T LAST.... I had to browse a bit Citrix's support to find out I had to edit a file : /etc/sysconfig/network-scripts/ifcfg-eth0 and add : ETHTOOL_OPTS="speed 100 duplex full" I think it finaly did the trick... I will wait for tomorow to tell you it was good.

This video shows how to install Citrix XenDesktop 3 on Microsoft Windows 2003 R2 SP2. I was very surprise at first because I wasn't able to install Citrix XenDesktop 3 on Microsoft Windows 2008 (?!) This product is less than one week old and Microsoft Windows 2008 is not supported yet. In this video, I show how to install Microsoft SQL Express 2005 then Citrix XenDesktop 3. The next step will be as follow : How to install the Desktop Receiver. How to use Citrix XenDesktop 3 with Provisioning Server 5 and XenServer 5 or VMWare ESX. How to intergrate Portable Profile 2 with Citrix XenDesktop 3. Clik on continue reading to wath the video. [flash medium=5]

Now we know how to install Citrix Provisioning Server 5 on Windows 2008 ( Citrix Provisioning Server 5 on Windows 2008 ) and how to deploy the 'client' on a target device (  ) we need to know to learn how everything works together. This video shows how to configure Citrix Provisioning Server 5 and  how to create the first template then build a virtual hard disk from scratch and share it for 2 or more Virtual Machine.  If you want to use your Citrix Provisioning Server, you need to complete the two previous steps and have a Citrix Licence Server runing with proper licences. Click on continue reading to watch the video [flash medium=4] Next step, try to make everything work with XenDesktop 3 :)

Now the Citrix Provisioning Server 5 is install and running, the next step is to deploy the Target Device Client on a machine and I will show you this very simple and basic installation in the next video with a Microsoft Windows XP computer. The next step after this installation is to show you how Citrix Provisioning Server is working, the basics. [flash medium=3]

This quick installation will provide you the ability to test the product and run all the test you need to understand the way Provioning Server can change your point of view on provioning workstations and / or servers. This is a stand alone installation, which mean everything is install on the same server, DHCP, Pxe Boot, SQL Database, and TFTP server. No Active Directory interaction and no impact on the PRODUCTION network (be carefull to work in a separate VLan or on a close network. At first you need to download Citrix Provisioning Server 5 here, after you need to download and install Microsoft Framework 3.5Sp1 from here, and optionaly, download and install Microsoft Windows Installer 4.5 from here. The video begin after the installation of the Framework 3.5Sp1. The first step in the video is the installation of Microsoft SQL Server 2005 Express Edition, you'll find it with the Citrix Provisioning Server installation files. Click on Continue to Read to watch the video. [flash http://www.archy.net/wp-content/uploads/2009/02/citrix-pvs5-windows-2008-install.swf]

This video shows the way you have to follow to update your Citrix Edgesight 5.01 to 5.01 with SP1. You have to log in Windows with the database service account if possible because for a reason I haven't understand yet, as I'm using a nlb IIS Cluster with nlb SQL Reporting Services and a SQL 2005 cluster database, I was not able to complete the installation of Edgesight 5.01 SP1. (Watch bellow the version you'll get) Click on continue reading to watch the video : [flash http://www.archy.net/wp-content/uploads/2008/12/update-citrix-edgesight-501-to-sp1.swf] Once the setup is done, as I'm in nlb mode, I have to upload new templates and reports on both machines, so I change the nlb name with the two servers name and updating everything. Don't forget to update you XenApp Edgesight Client and you Endpoint Edgesight client as well.