
Cloudify my Lab with Microsoft Azure (reload)

  • January 17, 2017
  • Stephane Thirion

Three years ago I wrote the blog post Cloudify my lab with Microsoft Azure. Since then, many things have moved on the Microsoft side: there are more options, and NetScaler is now available in Azure as well. I thought it was time to update and extend that post.

Here is what you will need if you want to do it yourself. This is what I used; any NetScaler version should be OK, and whatever hypervisor you have on-premise, you'll be fine.

  • Citrix NetScaler VPX (3000) (tested with NS11.1 50.10.nc)
  • Windows Azure Access
  • Homelab (running on Citrix XenServer 7 fully patched until update 23)
  • XenApp / XenDesktop 7.12
  • Your public IP address, your subnet
  • Of course, you need licences for everything…

Considerations:

Before configuring a CloudBridge tunnel between a CloudBridge appliance in the datacenter and Microsoft Azure, consider the following points:

  1. The CloudBridge appliance must have a public-facing IPv4 address (type SNIP) to use as the tunnel end-point address for the CloudBridge tunnel. Also, the CloudBridge appliance should not be behind a NAT device (or you'll have to set up a route for your LAN computers; I explain how at the end of this post).
  2. Azure supports the following IPSec settings for a CloudBridge tunnel. Therefore, you must specify the same IPSec settings while configuring the CloudBridge appliance for the CloudBridge tunnel.
    • IKE version = v1
    • Encryption algorithm = AES
    • Hash algorithm = HMAC SHA1
  3. You must configure the firewall at the datacenter edge to allow the following:
    • Any UDP packets for port 500
    • Any UDP packets for port 4500

The goal of this experiment is to connect my lab (on-premise) to Azure and build a tunnel so that both sides can communicate through it. The architecture will look like this:

Simple hybrid deployment – With Optimal Gateway

Let's do this. Connect to the Azure portal and create a new Resource Group. Keep a logical naming scheme so you'll know what you are clicking on later.

Next, we need to create a Virtual Network. I chose the address space 10.1.0.0/24 (this was the default, and I kept it). Use the Resource Group we just created and click Create.

Now we need to create a Virtual Network Gateway with a new public IP address (if you already have one available in your Azure subscription, you can use it). That will be the public IP address we will use to communicate with the on-premise NetScaler. Click on OK to create the public IP address and create the Virtual Network as follows. Don't forget to set the VPN type to Policy Based, then click Create.

This may take a while, like 20 minutes at least.

Then click on the Virtual Network Gateway we just created, go to Connections and click to add a new connection. Change the connection type to Site to Site (IPSec) and, in the Local Network Gateway, enter the information for your on-premise network (subnet) and its public IP (to reach the on-premise NetScaler). Remember the Shared Key; we will need it on the NetScaler side. Click on OK and then on Create.

Now we will add the on-premise DNS servers. To do so, click on Virtual Network, choose the one we created, then click on DNS Servers, enter the correct information and click on Save.

Now we switch to the on-premise NetScaler side. Log on to the NetScaler and go to the CloudBridge node: System / CloudBridge Connector, then Create/Monitor CloudBridge Connector. Time to Get Started.

Choose Microsoft Windows Azure.

Enter your Azure information here: the public IP address and subnet information we filled in on the Azure side. Click on Continue.

Do the same with the on-premise information, then click on Continue.

Enter a name for this CloudBridge Connector and the Pre Shared Security Key we used for the Azure VPN connection we created. Click on Done.

This is it, my Datacenter (Lab) is connected to Azure.

To make machines on both sides communicate, here is the quick and dirty route add that needs to be done:

route add for Windows   
route add 10.1.0.0 mask 255.255.255.0 192.168.0.249
          ^Azure Sub      ^Azure Mask   ^NetScaler SubnetIP

To add a route on my Mac I had to run this command:

Route Add Mac   
route -n add 10.1.0.0/24 192.168.0.249
             ^Azure Sub    ^NetScaler SubnetIP

To avoid modifying each and every machine on my LAN as above, I installed a Linux router (pfSense); it is free and works well. I just disabled the firewall and added a route for 10.1.0.0/24.
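As an added example (not part of the original post), the Python sketch below checks the address plan before a static route is pushed to LAN machines or to a router, then emits the two route commands shown above. The Azure subnet and the NetScaler SNIP come from the post; the on-premise subnet 192.168.0.0/24 and the function name `route_plan` are assumptions.

```python
import ipaddress


def route_plan(azure_cidr, onprem_cidr, next_hop):
    """Validate the address plan and return per-OS static route commands."""
    # strict=True rejects a CIDR with host bits set, e.g. a mistyped 10.1.0.5/24.
    azure = ipaddress.ip_network(azure_cidr, strict=True)
    onprem = ipaddress.ip_network(onprem_cidr, strict=True)
    hop = ipaddress.ip_address(next_hop)

    # A policy-based tunnel selects traffic by subnet pair, so the two
    # sides must not overlap or traffic will never enter the tunnel.
    if azure.overlaps(onprem):
        raise ValueError(f"{azure} overlaps on-premise subnet {onprem}")
    # A LAN host can only use a next hop that sits on its own subnet.
    if hop not in onprem:
        raise ValueError(f"next hop {hop} is not inside {onprem}")
    # Network and broadcast addresses cannot act as a gateway.
    if hop in (onprem.network_address, onprem.broadcast_address):
        raise ValueError(f"next hop {hop} is not a usable host address")

    return {
        "windows": f"route add {azure.network_address} mask {azure.netmask} {hop}",
        "macos": f"route -n add {azure.with_prefixlen} {hop}",
    }


if __name__ == "__main__":
    # Azure subnet and NetScaler SNIP are from the post;
    # 192.168.0.0/24 is an assumed on-premise subnet.
    plan = route_plan("10.1.0.0/24", "192.168.0.0/24", "192.168.0.249")
    for os_name, cmd in plan.items():
        print(f"{os_name}: {cmd}")
```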

 

I blogged about how fast it was to create a complete XenApp infrastructure in Azure [XenApp on Azure, is it really that easy ?]. It was fast, but that is an Azure-only deployment with nothing except the base OS and a few basic applications. This is ideal for a POC, but not at all when you want to extend your existing on-premise infrastructure.

Then I wrote about CloudBursting XenApp / XenDesktop into Azure [CloudBursting XenApp / XenDesktop in Azure 1/2], where I showed how to use the Studio console to link an Azure subscription and create a Machine Catalog to provision VMs in Azure. But in the end, these VMs are "alone" in Azure and can't be used as is.

Now that the link is established, actually using the VMs created in the CloudBursting XenApp / XenDesktop in Azure 1/2 post starts to make sense.

Note: The diagram at the beginning of this post is from a Citrix Summit presentation (TECH311) by Josh Fleming (Principal Sales Engineer – Enterprise, Citrix) and Prasanna Padmanabhan (Director, Microsoft Solutions Engineering, Citrix).
