-
Selecting the Citrix Gateway plug-in for Users
-
Configuring Connections for the Citrix Gateway plug-in
-
Configuring Split Tunneling
-
Configuring Application Access for the Citrix Gateway plug-in for Java
-
AlwaysOn VPN before Windows logon (Formally AlwaysOn service)
This content has been machine translated dynamically.
Dieser Inhalt ist eine maschinelle Übersetzung, die dynamisch erstellt wurde. (Haftungsausschluss)
Cet article a été traduit automatiquement de manière dynamique. (Clause de non responsabilité)
Este artículo lo ha traducido una máquina de forma dinámica. (Aviso legal)
此内容已经过机器动态翻译。 放弃
このコンテンツは動的に機械翻訳されています。免責事項
이 콘텐츠는 동적으로 기계 번역되었습니다. 책임 부인
Este texto foi traduzido automaticamente. (Aviso legal)
Questo contenuto è stato tradotto dinamicamente con traduzione automatica.(Esclusione di responsabilità))
This article has been machine translated.
Dieser Artikel wurde maschinell übersetzt. (Haftungsausschluss)
Ce article a été traduit automatiquement. (Clause de non responsabilité)
Este artículo ha sido traducido automáticamente. (Aviso legal)
この記事は機械翻訳されています.免責事項
이 기사는 기계 번역되었습니다.책임 부인
Este artigo foi traduzido automaticamente.(Aviso legal)
这篇文章已经过机器翻译.放弃
Questo articolo è stato tradotto automaticamente.(Esclusione di responsabilità))
Translation failed!
Configuring Split Tunneling
You can enable split tunneling to prevent the Citrix Gateway plug-in from sending unnecessary network traffic to Citrix Gateway.
When you do not enable split tunneling, the Citrix Gateway plug-in captures all network traffic originating from a user device and sends the traffic through the VPN tunnel to Citrix Gateway.
If you enable split tunneling, the Citrix Gateway plug-in sends only traffic destined for networks protected by Citrix Gateway through the VPN tunnel. The Citrix Gateway plug-in does not send network traffic destined for unprotected networks to Citrix Gateway.
When the Citrix Gateway plug-in starts, it obtains the list of intranet applications from Citrix Gateway. The Citrix Gateway plug-in examines all packets transmitted on the network from the user device and compares the addresses within the packets to the list of intranet applications. If the destination address in the packet is within one of the intranet applications, the Citrix Gateway plug-in sends the packet through the VPN tunnel to Citrix Gateway. If the destination address is not in a defined intranet application, the packet is not encrypted and the user device routes the packet appropriately. When you enable split tunneling, intranet applications define the network traffic that is intercepted.
Note: If users connect to published applications in a server farm by using Citrix Receiver, you do not need to configure split tunneling.
Citrix Gateway also supports reverse split tunneling, which defines the network traffic that Citrix Gateway does not intercept. If you set split tunneling to reverse, intranet applications define the network traffic that Citrix Gateway does not intercept. When you enable reverse split tunneling, all network traffic directed to internal IP addresses bypasses the VPN tunnel, while other traffic goes through Citrix Gateway. Reverse split tunneling can be used to log all non-local LAN traffic. For example, if users have a home wireless network and are logged on with the Citrix Gateway plug-in, Citrix Gateway does not intercept network traffic destined to a printer or another device within the wireless network.
For more information about intranet applications, see Configuring Client Interception.
You configure split tunneling as part of the session policy.
To configure split tunneling
- In the configuration utility, on the Configuration tab, in the navigation pane, expand Citrix Gateway Policies and then click Session.
- In the details pane, on the Profiles tab, select a profile and then click Open.
- On the Client Experience tab, next to Split Tunnel, select Global Override, select an option and then click OK twice.
Configuring Split Tunneling and Authorization
When planning your Citrix Gateway deployment, it is important to consider split tunneling and the default authorization action and authorization policies.
For example, you have an authorization policy that allows access to a network resource. You have split tunneling set to ON and you do not configure intranet applications to send network traffic through Citrix Gateway. When Citrix Gateway has this type of configuration, access to the resource is allowed, but users cannot access the resource.
If the authorization policy denies access to a network resource, you have split tunneling set to ON, and intranet applications are configured to route network traffic through Citrix Gateway, the Citrix Gateway plug-in sends traffic to Citrix Gateway, but access to the resource is denied.
Share
Share
This Preview product documentation is Citrix Confidential.
You agree to hold this documentation confidential pursuant to the terms of your Citrix Beta/Tech Preview Agreement.
The development, release and timing of any features or functionality described in the Preview documentation remains at our sole discretion and are subject to change without notice or consultation.
The documentation is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making Citrix product purchase decisions.
If you do not agree, select Do Not Agree to exit.