Clientless access is a basic browser-based VPN solution, where users are presented with a homepage when they log in and from there they can access file shares, web applications, and other settings depending on what is defined in the session policy.
In order to allow clientless access, we need to define some settings in the session policy part of the Client Experience pane. Following are the settings:
In the Published Applications pane, we define the following settings in the request profile:
Now, in order to activate clientless access, we only need to set the vServer to SmartAccess and set clientless access to ON
under the session policy, but there are other settings as well that can affect this feature. For example, if we add a URL for web-based e-mail, users will have an e-mail pane after they log in, which is going to be proxied via NetScaler. This allows them to log in to their e-mail. URL encoding determines if the URL should be masked so that the users will never see the real URL when they are browsing on a web application. Persistent cookie is needed for some cases, such as using SharePoint. Also, adding the web interface address and defining single sign-on allows NetScaler to display the user's applications within the same clientless access session. If a user clicks on an application here, it will start a Citrix Receiver session. We also have the option to add file shares and web applications to the portal. This can be done either within the vServer under the Bookmarks pane or as a user-based policy. Note that when you add a bookmark and bind it to a user or a vServer, it will appear under the Enterprise pane of the portal. Users also have the option to add their own bookmarks. We will go through how to add settings to a specific user or group later in this chapter.
When we add a bookmark, we also have the option to use NetScaler Gateway as a reverse proxy. If this is enabled, it means that when a user clicks on the bookmark, the connection will go from the user to NetScaler, and from there to the application. If this is not enabled, the connection will go from the user to the specified address in the bookmark.
18.216.151.164