Citrix Storefront and HTML 5 Receiver using ALTADDR (not secure!)

Sep 26, 2013 11:54 · 320 words · 2 minute read

This article is just for reference and is not a recommended solution!

I needed to setup a quick and dirty solution to get some colleagues access to an application published using Citrix XenApp for the purpose of demonstrating performance.

The three key components were, XenApp server, StoreFront server and the HTML 5 receiver.

I unfortunately did not have the time or resources to setup and configured a Netscaler or Access Gateway (hence the quick and dirty approach).

I’ll stick a disclaimer at the top “This is in no way secure and I always recommend using a combination of  Netscalers/Access Gateway and SSL certificates for any kind of public facing XenApp solution!”.

For the purpose of my “quick and dirty solution”, I’ve restricted access to a set of specific set of source IP addresses.

This also assume you have two public IP addresses assigned, one for the Storefront server and one for the XenApp server.

You’ll also need to configure firewall rules to allow inbound connections to the XenApp NAT using the WebSockets port configured within the XenApp policies. (default is 8008)

So, armed with NAT and a few configuration tweaks, I was able to publish my Citrix Storefront and allow my colleagues to access the published application using the Citrix HTML 5 receiver, here is how.

  1. Enable Alternate Addressing on the storefront server…

a. Browse to the C:\InetPub\wwwroot\citrix\ folder.

b. Open the web.config file.

c. Find the “alternateAddress=”off” section and change it to “alternateAddress=”on”.

d. Save and close the file.

e. From the command prompt, run IISRESET

  1. On the XenApp server, open up a command prompt and run.

a. ALTADDR /set nnn.nnn.nnn.nnn (where N is the public IP address that NATs to the private IP of the XenApp server)

b. Reboot the server.

c. Run ALTADDR /v to confirm the Alternate Address has taken.

  1. Login to your storefront service, launch click on the application icon and he presto, the application launches.