Category : NetScaler

Blog, Citrix, Exchange, Load Balancing, NetScaler
0

How to configure NetScaler with Exchange 2013 Load Balancing via command line

Here is an example how to configure Microsoft Exchange 2013 Load Balancing on Citrix NetScaler appliance.

This guide assumes that you are already imported certificate on the NetScaler from the Windows Exchange CAS Servers (or any other)

As done in here:

https://janikohonen.com/2014/11/21/how-to-create-export-and-install-ssl-certificate-from-the-windows-server-to-the-netscaler/
Take a full backup of your current NetScaler configuration:

create system backup -level full

Add Exchange Client Access (CAS/SMTP) Servers:

add server EX2013-01 192.168.202.250
add server EX2013-02 192.168.202.251

Create Service Group for SSL:
(Do Not copy-paste “\”None”” commas!)

add serviceGroup service-EXCHANGE-SSL SSL -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP YES -appf DISABLED
bind serviceGroup service-EXCHANGE-SSL EX2013-01 443 -CustomServerID “\”None\””
bind serviceGroup service-EXCHANGE-SSL EX2013-02 443 -CustomServerID “\”None\””

Bind default HTTP monitor to Service Group:

bind serviceGroup service-EXCHANGE-SSL -monitorName https

Create and Configure Virtual Server for SSL:

add lb vserver vserver-EXCHANGE-SSL SSL 192.168.202.252 443 -persistenceType SOURCEIP -cltTimeout 180
set ssl vserver vserver-EXCHANGE-SSL -tls11 DISABLED -tls12 DISABLED
bind lb vserver vserver-EXCHANGE-SSL service-EXCHANGE-SSL

Bind certificate to SSL Service Group and Virtual Server:

bind ssl serviceGroup service-EXCHANGE-SSL -certkeyName janikohonen.com
bind ssl vserver vserver-EXCHANGE-SSL -certkeyName janikohonen.com

Save your configuration:

save ns config

++++

Create and modify SMTP monitor:

add lb mon smtp SMTP
set mon smtp SMTP -interval 30 seconds -resptimeout 5 seconds -downtime 120 seconds

Create Service Group for SMTP:
(Do Not copy-paste “\”None”” commas!)

add serviceGroup service-EXCHANGE-SMTP TCP -maxClient 0 -maxReq 0 -cip DISABLED -usip NO -useproxyport YES -cltTimeout 180 -svrTimeout 360 -CKA NO -TCPB NO -CMP YES -appf DISABLED
bind serviceGroup service-EXCHANGE-SMTP EX2013-01 25 -CustomServerID “\”None\””
bind serviceGroup service-EXCHANGE-SMTP EX2013-02 25 -CustomServerID “\”None\””

Bind SMTP monitor to Service Group:

bind serviceGroup service-EXCHANGE-SMTP -monitorName smtp

Create and Configure Virtual Server for SMTP:

add lb vserver vserver-EXCHANGE-SMTP TCP 192.168.202.253 25 -persistenceType SOURCEIP -cltTimeout 180
bind lb vserver vserver-EXCHANGE-SMTP service-EXCHANGE-SMTP

Save your configuration:

save ns config

 

[facebook_like_button]

 

Views: 10570

Read More
Blog, certificate, Citrix, NetScaler, Windows
1

How to create, export and install SSL certificate from the Windows Server to the NetScaler

 

This is an example how to create, export and install Windows Server Root CA signed certificate to the NetScaler appliance.

Create Certificate Request on Windows Server:

 

Choose Request a certificate on your Windows CA:

Choose advanced certificate request:

Choose Submit a certificate…:

Copy-Paste your Certification Request and choose Certificate Template Web Server:

Download and save your certificate:

Complete your Certificate Request:

Open Certificates MMC Snap-in, choose certificate and and export:

Log in to your NetScaler 10.1 and install certificate (for NetScaler 10.5 same method works, GUIs look is just a bit different)

Choose Import PKCS#12:

Choose Output file name whatever you want, browse PKCS#12 certificate file we just exported and type Password we created in certificate export phase:

Choose Manage Certificates / Keys / CSRs:

Download certificate .key file, change filetype association from .key to the .cer and upload it back to the NetScaler:

Choose Install…

Install certificate:

And that’s it! Now you have properly exported and installed certificate on your NetScaler.

 

[facebook_like_button]

 

 

Views: 3879

Read More
1 2 3