Onboard and setup
As part of the onboarding process, you must first define the Secure Private Access site and specify the servers associated with this deployment.
Step1 - Define your site:
A Secure Private Access site is a group of cloud connectors that collaboratively handle the evaluation of policies, application access, and security restrictions. To facilitate this, a single private address is required to create an internal load balancer that distributes traffic among these servers. This load balancer distributes traffic among multiple cloud connectors to ensure load balancing, high availability, and efficient resource utilization.
In Secure Private Access URL, enter the URL of the load balancer.
Step 2 - Integrate servers:
-
Enter the following details.
- StoreFront Store URL. For example,
https://storefront.domain.com/Citrix/StoreMain
. - Public NetScaler Gateway Address – URL of the NetScaler Gateway. For example,
https://gateway.domain.com
. - NetScaler Gateway virtual IP address – This virtual IP address must be the same as the one configured in StoreFront for callbacks.
- NetScaler Gateway Callback URL (Optional) – This URL must be the same as the one configured in StoreFront. For example,
https://gateway.domain.com
.
- StoreFront Store URL. For example,
-
Click Test all URLs and addresses.
If any URLs are changed in the on-premises environment, click Test all URLs and addresses to confirm that the addresses are reachable.
-
Click Next.
Step 3 - Summary:
After the configuration is complete, validation must be done to ensure that all servers that are configured are reachable.
If an error is found during validation, an error message is displayed against that component. After resolving the issue, run the validation checks again to ensure that all components are correctly configured and reachable.
Click Close.
Note:
- You are prompted to download and run the StoreFront and NetScaler Gateway scripts to configure these components, if not already done. Once you run the scripts, click Mark as done. However, it is not mandatory to download and run the StoreFront and NetScaler Gateway scripts immediately after the initial setup. It is recommended to run these scripts to ensure that the configuration is complete.
Once you are done with the onboarding, you can create applications and associate access policies with the applications.
The following figure displays the Secure Private Access dashboard after the onboard and setup is complete.
Note:
From the dashboard, you can click Go To Monitor to monitor and troubleshoot app sessions and events from DaaS Monitor. For details, see Integration with DaaS monitor.
Configuration synchronization
All cloud configurations in the Secure Private Access console are automatically synced to Cloud Connector every five minutes. This sync occurs only when there are changes in the cloud configuration.