![]() StoreFront Store Config (for Gateway integration) on StoreFront See communication requirements below (at end of config summary) Gateway vserver STA List: must be individual controllers and not load balanced fqdn:, Include settings in profile for domain (demo) to pass through, default authorization action (security tab), and enable passthrough to web applications (client experience), however, you MIGHT also need a TRaffic policy for sson (depending on which version of firmware you are on and how authentication policies are configured.) Session Policy/Profile maps content to lb storefront as: for web browsers. LB Method: LeastConnections PersistenceType: none. LB VServer Controllers (xml communication only) as () in place of and. LB Method LeastConnections PersistenceType: SourceIP PersistenceTimeout: 20 min (SSL:443) LB Vserver Storefront () in place of and. Next, Basic example of config summary for following components: (thought this would be easier for you to compare as I wasn't always sure what you described) (Couldn't tell which scenario you described, so I addressed either.) Also note, there is more to the gateway resolution of the storefront name and the STA addresses which I will note below. ![]() Confirm name to ip resolution via shell on ADC. This could result in gateway communication to storefront failing. (flush dns proxyrecords or Traffic Management > DNS > Records:: flush records (right pane). However, if the FQDN didn't change and you just changed the from OLD IP to NEW VIP, THEN remember the Citrix ADC/Gateway caches dns queries, did you flush the dns cache on the ADC to make it resolve the old name it already had to the NEW IP address. So if your users were going to the base URL does need to match Propagate change to members of storefront server group. Gateway has to see the explicit controllers as individual sta's and cannot see a load balanced name for sta's.ģ) The StoreFront base URL must match the FQDN used by users and gateway to access storefront or weird things happen. I couldn't tell if you updated the STA list or not in the description above. Gateway must have explicit list of controller names as STA's list (so list 2 individually or more) StoreFront should continue to list the STA's individually as well (when load balancing the controllers, only the XML conversation is load balanced, not the STA lists or the VDA's list of controllers for VDA registrations). Key Requirements noted as I read through your config notes:ġ) Gateway must point to storefront LB FQDN in its session policy.Ģ) STA's cannot be load balanced**. I think either the issue is the dns cache and/or you load balanced STA's when you weren't supposed to possibly gateways probe to storefront is failing due to dns cache issue. Thoughts below of things to look out for and config requirements. Using some concrete names might have helped clarify this (even if just placeholders). The virtual servers for SF and DDC both shows UPĬhanged the DDC address to LB address in Storefront server and to httpsĬhanged STA url to in both ADC and Storefront -> Citrix gateway ![]() Kept the same storefront base url instead change the dns to point to SF VIP of ADCĬreated cert for DDC FQDN and included LB address as SAN, installed in ADC as well Created dns records for SF/DDC - pointed to new VIP of ADC respectively
0 Comments
Leave a Reply. |