In Part 1 of this post, we setup a simple content switching vServer to front our Remote Desktop Gateway server. It accomplished two things:
- Allowed Remote Desktop connections using the Windows RDP client with ‘Connect from Anywhere’ set to the RDG vServer address
- Allowed applications to be launched from the RDWeb web portal
- Name: CSW-RDG-Mobile
- Action: CSW-RDG-Action
- Expression: HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“MSRPC”)
**Update 4/10/2016: Thanks to the feedback and comments below from Bill and Dan, it should be noted that the RDP client included with Windows 10 uses Secure WebSockets to connect. To enable this on the NetScaler, you can either modify the default HTTP profile or to be more granular, create a new HTTP profile with WebSockets enabled and bind to a specific vServer\service.
This can be done via the GUI under System > Profiles > HTTP Profiles
Or via command line (replacing http_profile1 with your new HTTP Profile):
set ns httpProfile http_profile1 -webSocket ENABLED
More information on HTTP profiles is available here: http://docs.citrix.com/en-us/netscaler/11/system/http-configurations.html
- Once upgraded to a WebSockets connection, the NetScaler does not process Layer 7 traffic on this connection.
- This will not currently work with a Unified Gateway CS vServer due to the NetScaler Gateway target vServer using WebSockets for HTML5 Receiver. I will investigate this further, though the native RDP proxy functionality in NetScaler should work in place of RDGateway.
- The following registry entry will disable WebProxy connections in the Windows 10 RDP client:
HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client