Thursday, May 15, 2014
This morning, I had a brand new user log into a Citrix XenApp 6.0 environment. When launching applications, they received the following error message.
Quick and easy fix for this one is to delete the users profile. User can now log in and launch applications. Issue resolved!
at May 15, 2014
Monday, May 12, 2014
NetScaler - Gateway vServer- Dropping packets from a specific Source
While talking with a citrixirc colleague, the question was brought up... "Is there a way to block 1 client from a vserver at the NetScaler level?"
The answer is "Yes". I am sure there are multiple ways to do this. I personally would use a "Responder Policy".
If you want to learn more about Citrix Responder Policies you can check out support.citrix.com.
Setting up a Responder Policy to drop a client
- Open up the GUI and go to "NetScaler Gateway > Virtual Servers"
- Open the vServer you would like to add the Responder Policy too.
- Click on the "Policies" tab
- Then click on the Responder button
- Click on Insert Policy at the bottom
- Then click on "New Policy..."
- Create the following Responder Policy
- Name: rpol-%youpickaname%
- You can use which ever naming convention you would like. I use "rpol" for my Responder Policies.
- Action: DROP
- Expression: CLIENT.IP.SRC.EQ(10.10.10.10)
- Replace 10.10.10.10 with the IP you want to block.
- Click on "Create" and you should now see you Responder Policy under the Responder Section.
If you want to verify from the NetScaler it is being blocked, you could do something like
- Enable logging
- SSH to you NetScaler and from shell do a "NSTCPDUMP.sh dst 10.10.10.10" to see what is happening with the packets.
- From CLI do
- Show Connectiontable "DESTIP eq 10.10.10.10"
If you wanted to do this all from the CLI, you could just do...
add responder policy rpol-block-ip "CLIENT.IP.SRC.EQ(10.10.10.10)"
bind vpn vserver My-vServer -policy rpol-block-ip -priority 100 -gotoPriorityExpression END -type REQUEST
Note: This only blocks new connections. Any existing connections will remain connected until they are forced to reconnect.
at May 12, 2014
Where’s my enabled Users? I’m going through and fine tuning our Proodpoint Spam solution and noticed one of the filters needs to be updated....
HP Blade Integrated Lights-Out Setting Hot Keys I just shipped out a HP Blade Server to Fresno California yesterday, and I had my remote h...
Running GPRESULT results in "Error: Access Denied" Today on one of my Citrix Servers I was presented with an error when troubles...