AuthorJohannes Norz

Johannes Norz is a Citrix Certified Citrix Technology Advocate (CTA), Citrix Certified Instructor (CCI) and Citrix Certified Expert on Application Delivery and Security. He frequently works for Citrix international Consulting Services and several education centres all around the globe.

Replying with a 301 Moved Permanently
instead of a 404 not found

By Johannes Norz
8 February 2021
7 Min read
Add comment
R

last update: May 6th 2021 I recently moved my blog to a new host, so several objects don’t exist anymore. Unfortunately, this will lead to plenty of 404 not found, instead of giving users access to the website as a whole. So I decided to replace all not found with redirects to a certain page, it might be any kind of sorry page or the default page. It’s up to you. The problem Changing...

Read onRead laterAdd comment

Costumizing a NetScaler Gateway 10.5 using policies

By Johannes Norz
8 February 2021
2 Min read
Add comment
C

There are several guidelines out there how to do this. I want to dig a bit deeper. Why do I want to use NetScaler policies to rewrite and pimp this webpage? There are two reasons: A NetScaler is there and it is possible. And it will survive all (or near to all, there will never be a guarantee!) upcoming NetScaler updates! So where do we start? This is a German version of a NetScaler Gateway...

Read onRead laterAdd comment

Binding many NetScaler Gateways to a content switching vServer on Citrix NetScaler, Method 2

By Johannes Norz
8 February 2021
4 Min read
Add comment
B

Or: Admin partitions Update, March 2021: It does not work with current versions This is a workaround for a well-known problem in NetScaler: Binding NetScaler Gateways to content switching vServers. This solution does not follow Citrix best practices. Avoid using it, if you can! My solution will work with NetScaler 11.1 upward. The Problem Up to 11.0, it was impossible to bind a NetSaler Gateway...

Read onRead laterAdd comment

Flexible Multi-Factor flows in Citrix ADC (NetScaler) using Azure MFA

By Johannes Norz
28 January 2021
11 Min read
Add comment
F

I came across following issue, doing a Citrix ADC / NetScaler project: My customer wanted to use Azure MFA for internal users and LDAP/RADIUS for external users like contractors and parters. That’s a typical use-case for n-factor authentication. So how do we solve problems like that? The solution A Solution based on group membership The difference between internal and external users is...

Read onRead laterAdd comment

How to start a Citrix ADC / NetScaler WAF Project, Part 5: Field Formats

By Johannes Norz
28 December 2020
7 Min read
2 comments
H

This is the fifth part of this blog. Part Part 1 2 3 4 5 Form-fields are a major gate to send malicious data to a web-server. It’s obvious, a website programmer does not want to do input validation twice, on the user and on the server-side. What could happen? If everything is tested on the client-side, data arriving on the server-side has to be good. Even worse: If an input field does not...

Read onRead later2 comments

Bi-Stable active-passive load-balancing with Citrix ADC / NetScaler

By Johannes Norz
9 December 2020
7 Min read
Add comment
B

last update: December 10th 2020 I recently came across a problem, that had been hard to resolve. Active/passive load-balancing typically is easy to do: You create a load-balancing vServer for the active service, and another one, intended to be passive, for desaster recovery. Then you set the disaster recovery vServer as a protection vServer for the active vServer. It will automatically switch to...

Read onRead laterAdd comment

Citrix ADC / NetScaler and TLS 1.3

By Johannes Norz
9 October 2020
6 Min read
Add comment
C

Last change: February 4th 2021. Thanks to Dirk Bautz! This is the 2nd part to my article “Which ciphers to use on a Citrix ADC /NetScaler?” This one had been about TLS versions up to 1.2 only. Moving from TLS 1.2 to TLS 1.3 on an existing Citrix ADC ( NetScaler) may be a big step with some obstacles to overcome. It needs some investigation. The problem? It seems to be easy: Just tick...

Read onRead laterAdd comment

SSH keys on Citrix ADC / NetScaler, a miracle?

By Johannes Norz
10 September 2020
7 Min read
Add comment
S

Thinking back to the end of my UNIX days, there had been something called SSH. It had been a replacement for telnet and had a nice feature called SSH keys. SSH keys were a safe and easy way to replace those tiresome passwords. I loved them! Almost at the same time, Windows came up and I lost contact with UNIX. I always hoped, IT will switch over to Linux, but it never happened and my UNIX...

Read onRead laterAdd comment

Migrating parts of a Citrix ADC / NetScaler configuration from test site to production site

By Johannes Norz
9 September 2020
9 Min read
Add comment
M

This is an old problem with Citrix ADC / NetScaler: You should test all changes in test-site first and move them to production, or synchronise production site and disaster recovery site. Unfortunately, there is no built-in mechanism to synchronize configuration. So, over time, these sites will start differing, a very unwelcome state. This is especially true for WAF, as applications tend to change...

Read onRead laterAdd comment

Recent Posts

Recent Comments