Citrix Gateway

Deploying the Web Interface in the Secure Network

In this deployment, the Web Interface resides in the secure, internal network. Citrix Gateway is in the DMZ. Citrix Gateway authenticates user requests before sending the requests to the Web Interface.

When you deploy the Web Interface in the secure network, you must configure authentication on Citrix Gateway.

If you deploy the Web Interface with Citrix Virtual Apps and Desktops, deploying the Web Interface in the secure network is the default deployment scenario. When the Desktop Delivery Controller is installed, a custom version of the Web Interface is also installed.

Important: When the Web Interface is in the secure network, you should enable authentication on Citrix Gateway. Users connect to Citrix Gateway, type their credentials, and then connect to the Web Interface. When you disable authentication, unauthenticated HTTP requests are sent directly to the server running the Web Interface. Disabling authentication on Citrix Gateway is recommended only when the Web Interface is in the DMZ and users connect directly to the Web Interface.

Figure 1. Web Interface Located Inside the Secure Network

localized image

Deploying the Web Interface in the Secure Network