Citrix Gateway

Configure load balancing servers for Citrix Endpoint Management or Citrix XenMobile Server

After using the Citrix ADC for Citrix Endpoint Management wizard for initial setup, use the Citrix Gateway configuration utility to configure load balancing, as described in this section. For Citrix Endpoint Management, use SSL Offload. For Citrix Endpoint Management Server, be sure to refer to the recommendations for load balancing modes under “Deployment Summary” in Integrating with Citrix Gateway and Citrix ADC.

To use SSL bridge mode for Citrix ADC VIPs

Use SSL Bridge mode if Citrix Endpoint Management is in the DMZ. When you load balance Citrix Endpoint Management with Citrix ADC VIPs in SSL Bridge mode, Internet traffic flows directly to the Citrix Endpoint Management server, where connections terminate. SSL Bridge mode is the simplest mode to set up and troubleshoot.

  1. Before configuring SSL Bridge mode, go to Citrix Endpoint Management App Management Settings and verify that Communication with Citrix Endpoint Management Server is HTTPS.

    Settings

  2. After you log on to the configuration utility, on the Home tab, in MDM Server LB, click Configure.

  3. Under LB Virtual Server for Device Management, in Name, type a name for the server.

  4. In IP Address, type the IP address for the virtual server and then click Continue.

  5. On the Load Balance Citrix Endpoint Management MDM Servers page, repeat Steps 3 and 4 and then click Create.

  6. Verify that the settings are correct and then click Done.

    Verify the settings

  7. To verify the load balancing configuration, go to Traffic Management > Virtual Servers.

    Virtual servers page

To use SSL Offload mode for Citrix ADC VIPs

Use SSL Offload for Citrix Endpoint Management. Also use SSL Offload, if necessary to meet security standards, when the on-premises Citrix Endpoint Management is in the internal network. When you load balance Citrix Endpoint Management with Citrix ADC VIPs in SSL Offload mode, Internet traffic flows directly to the Citrix ADC appliance, where connections terminate. Citrix Gateway then establishes new sessions from the appliance to Citrix Endpoint Management. SSL Offload mode involves more complexity during setup and troubleshooting.

  1. Before configuring SSL Offload mode, go to Citrix Endpoint Management App Management Settings and verify that Communication with Citrix Endpoint Management Server is HTTP.

    Verify HTTP communication

  2. Log on to the configuration utility. On the Home tab, in MDM Server LB, click Configure.

  3. Under LB Virtual Server for Device Management, in Name, type a name for the server.

  4. In IP Address, type the IP address for the virtual server and then click Continue.

  5. On the Load Balance Citrix Endpoint Management MDM Servers page, repeat Steps 3 and 4 and then click Create.

  6. Verify the settings and then click Done.

  7. When prompted to add a server certificate, choose the server certificate and click Continue.

    Click to add certificate

  8. Specify the CA certificate and click Continue.

    Select the CA certificate

  9. Keep the same Citrix Endpoint Management IP address. Click Done.

    CEM IP address

  10. To verify the load balancing configuration, go to Traffic Management > Virtual Servers.

    Validate on virtual servers page

Configure load balancing servers for Citrix Endpoint Management or Citrix XenMobile Server