Home > Configuration > SSL VPN |
| SSL VPN |
virtual private network configuration. |
Configuration APIs |
Use this method to creates an AlwaysON profile |
Use this method to adds a clientless access policy, which enables users to log on using a web browser and connect to the bookmarked web address without requiring the user to install a software plug-in. |
Use this method to adds a collection of settings that allows clientless access to a given application. Settings include the policies to specify whether to rewrite a URL, rules to find the URLs within various web content-types, and a set of cookies that are required to be present on the client machine. |
Use this method to creates an advanced pre-authentication EPA device profile with XML data NOTE: This method is deprecated. Depricated AdvanceEPA Option |
Use this method to add a new eula entity. |
Use this method to creates a form-based single sign-on profile. Form based single sign-on allows users to log on one time to all protected applications in your network. Users can access web applications that require an HTML form-based logon without having to type their password again. |
Use this method to defines intranet applications to be made accessible through Citrix Gateway. |
Use this method to enables a Citrix Gateway appliance in the first DMZ to communicate with one or more Citrix Gateway appliances in the second DMZ. |
Use this method to creates an PCoIP profile |
Use this method to creates an PCoIP vserver profile |
Use this method to add a new portaltheme entity. The base theme should be either Default, Greenbubble, X1, RfWebUI or WStheme |
Use this method to creates a SAML single sign-on profile. This profile is employed in triggering saml assertion to a target service based on traffic profile. |
Use this method to creates a Secure Private Access profile |
Use this method to adds a session profile (action) to bind to a session policy that is applied to a user session if the policy expression conditions are met. |
Use this method to creates a new session policy that, if bound, is applied after the user logs on to Citrix Gateway, and that determines the properties of the user session. |
Use this method to creates an action to be applied by a policy that matches the traffic being processed. |
Use this method to creates a traffic policy. A traffic policy conditionally sets Citrix Gateway traffic characteristics at run time. For an intranet resource, for example, the traffic policy parameters define the destination IP address, destination port, amount of time a user can stay logged on to the application, and HTTP compression. |
Use this method to creates a bookmark link to an external or internal resource that appears on the Access Interface, according to type, as a web site link or file share link. |
Use this method to creates a bookmark link to an external or internal resource that appears on the Access Interface, according to type, as a web site link or file share link. |
Use this method to creates a new urlPolicy that, if bound, determines whether the URL is accessible or not. |
Use this method to creates a Citrix Gateway virtual server to allow authenticated users to access intranet resources, such as XenApp, XenDesktop, and web servers. |
Use this method to bind appcontroller to vpn global. |
Use this method to bind cacert to vpn global. |
Use this method to bind certkey to vpn global. |
Use this method to bind eula to vpn global. |
Use this method to bind gotopriorityexpression to vpn global. |
Use this method to bind intranetapplication to vpn global. |
Use this method to bind intranetdomain to vpn global. |
Use this method to bind intranetip to vpn global. |
Use this method to bind intranetip6 to vpn global. |
Use this method to bind nexthopserver to vpn global. |
Use this method to bind policy to vpn global. |
Use this method to bind portaltheme to vpn global. |
Use this method to bind secureprivateaccessprofile to vpn global. |
Use this method to bind secureprivateaccessurl to vpn global. |
Use this method to bind sharefile to vpn global. |
Use this method to bind staserver to vpn global. |
Use this method to bind url to vpn global. |
Use this method to bind userdataencryptionkey to vpn global. |
Use this method to bind analyticsprofile to vpn vserver. |
Use this method to bind appcontroller to vpn vserver. |
Use this method to bind epaprofile to vpn vserver. |
Use this method to bind eula to vpn vserver. |
Use this method to bind intranetapplication to vpn vserver. |
Use this method to bind intranetip to vpn vserver. |
Use this method to bind intranetip6 to vpn vserver. |
Use this method to bind nexthopserver to vpn vserver. |
Use this method to bind policy to vpn vserver. |
Use this method to bind portaltheme to vpn vserver. |
Use this method to bind secureprivateaccessprofile to vpn vserver. |
Use this method to bind secureprivateaccessurl to vpn vserver. |
Use this method to bind sharefile to vpn vserver. |
Use this method to bind staserver to vpn vserver. |
Use this method to bind url to vpn vserver. |
Use this method to invokes Cerebro executable for connectivity checks for the servers bound to a VPN virtual server |
Use this method to disables a Citrix Gateway virtual server. The virtual server is taken out of service. |
Use this method to enables a Citrix Gateway virtual server. Note: Virtual servers, when added, are enabled by default. |
Use this method to get information on AlwaysON profile |
Use this method to get a clientless access policy. |
Use this method to get information about all the configured clientless access profiles, or displays detailed information about the specified clientless access profile. |
Use this method to get information on device profile NOTE: This method is deprecated. Depricated AdvanceEPA Option |
Use this method to get information about all the configured eulas. |
Use this method to get the attributes of a form-based single sign-on profile. |
Use this method to get the Citrix Gateway policies that are bound to the virtual server globally. |
Use this method to get active connections that use the ICA proxy. |
Use this method to get active connections that use the ICA proxy. |
Use this method to get information about all the configured intranet resources, or displays detailed information about the specified intranet resource. |
Use this method to get information about all the configured next Citrix Gateway hop servers, or detailed information about the specified Citrix Gateway next hop server. |
Use this method to get the configured Citrix Gateway parameters. |
Use this method to get active PCOIP connections. |
Use this method to get information on PCoIP profile |
Use this method to get information on PCoIP vserver profile |
Use this method to get information about all the configured portalthemes. |
Use this method to get information about all configured saml single sign-on profiles, or displays detailed information about the specified action. |
Use this method to get information on Secure Private Access profile |
Use this method to get a session action that is applied to a user session if the policy expression conditions are met. |
Use this method to get a session policy. |
Use this method to get a configuration file for a given VPN virtual server, which can be imported by StoreFront. |
Use this method to get the Store Front information summary |
Use this method to get information about all the configured traffic actions, or displays detailed information about the specified traffic action. |
Use this method to get information about all Citrix Gateway traffic policies, or detailed information about the specified policy. |
Use this method to get information about all the configured bookmark links to internal resources that appear in the Access Interface, or displays detailed information about the specified bookmark link. |
Use this method to get information about all the configured bookmark links to resources that appear in the Access Interface, or displays detailed information about the specified bookmark link. |
Use this method to get a urlPolicy. |
Use this method to get information about all the configured Citrix Gateway virtual servers, or displays detailed information about the specified Citrix Gateway virtual server. |
Use this method to terminates the specified ica connections. |
Use this method to terminates the specified connections. |
Use this method to renames the specified vpn urlAction. |
Use this method to renames the specified vpn urlPolicy. |
Use this method to renames a Citrix Gateway virtual server. |
Use this method to removes a previously created AlwaysON device profile. |
Use this method to removes a clientless access policy. |
Use this method to removes a clientless access profile. |
Use this method to removes a previously created EPA device profile. NOTE: This method is deprecated. Depricated AdvanceEPA Option |
Use this method to removes a eula entity if exists |
Use this method to removes a configured form-based single sign-on profile. |
Use this method to removes a configured intranet resource. |
Use this method to removes a configured next hop server. |
Use this method to removes a previously created PCoIP profile. |
Use this method to removes a previously created PCoIP vserver profile. |
Use this method to removes a portaltheme entity |
Use this method to deletes an existing saml single sign-on traffic profile. |
Use this method to removes a previously created Secure Private Access profile. |
Use this method to removes an action that was previously added to a session policy. |
Use this method to removes the session policy that is applied after the user logs on to Citrix Gateway. |
Use this method to removes a previously created traffic policy action. |
Use this method to removes an existing traffic policy from Citrix Gateway. |
Use this method to removes a bookmark link to an internal resource that appears in the Access Interface. |
Use this method to removes a bookmark link to a resource that appears in the Access Interface. |
Use this method to removes the urlPolicy that is applied. |
Use this method to removes a Citrix Gateway virtual server. Policies that are bound to the virtual server are automatically unbound. |
Use this method to set allow/Deny user to log off and connect to another Gateway |
Use this method to set option to decide if tunnel should be established when in enterprise network. When locationBasedVPN is remote, client tries to detect if it is located in enterprise network or not and establishes the tunnel if not in enterprise network. Dns suffixes configured using -add dns suffix- are used to decide if the client is in the enterprise network or not. If the resolution of the DNS suffix results in private IP, client is said to be in enterprise network. When set to EveryWhere, the client skips the check to detect if it is on the enterprise network and tries to establish the tunnel |
Use this method to set option to block network traffic when tunnel is not established(and the config requires that tunnel be established). When set to onlyToGateway, the network traffic to and from the client (except Gateway IP) is blocked. When set to fullAccess, the network traffic is not blocked |
Use this method to set name of the profile to invoke for the clientless access. |
Use this method to set expression, or name of a named expression, specifying the traffic that matches the policy. The following requirements apply only to the Citrix ADC CLI: * If the expression includes one or more spaces, enclose the entire expression in double quotation marks. * If the expression itself includes double quotation marks, escape the quotations by using the \ character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. |
Use this method to set specify the name of the pattern set containing the names of the cookies, which are allowed between the client and the server. If a pattern set is not specified, Citrix Gateway does not allow any cookies between the client and the server. A cookie that is not specified in the pattern set is handled by Citrix Gateway on behalf of the client. |
Use this method to set name of the configured JavaScript rewrite policy label. If you do not specify a policy label name, then JAVA scripts are not rewritten. |
Use this method to set name of the pattern set that contains the regular expressions, which match the URLs in the custom content type other than HTML, CSS, XML, XCOMP, and JavaScript. The custom content type should be included in the patset ns_cvpn_custom_content_types. |
Use this method to set name of the pattern set that contains the regular expressions, which match the URL in the CSS. |
Use this method to set name of the pattern set that contains the regular expressions, which match the URL in Java script. |
Use this method to set name of the pattern set that contains the regular expressions, which match the URL in X Component. |
Use this method to set name of the pattern set that contains the regular expressions, which match the URL in XML. |
Use this method to set name of the configured Request rewrite policy label. If you do not specify a policy label name, then requests are not rewritten. |
Use this method to set specify whether a persistent session cookie is set and accepted for clientless access. If this parameter is set to ON, COM objects, such as MSOffice, which are invoked by the browser can access the files using clientless access. Use caution because the persistent cookie is stored on the disk. |
Use this method to set name of the configured Response rewrite policy label. |
Use this method to set name of the configured URL rewrite policy label. If you do not specify a policy label name, then URLs are not rewritten. |
Use this method to set root-relative URL to which the completed form is submitted. |
Use this method to set other name-value pair attributes to send to the server, in addition to sending the user name and password. Value names are separated by an ampersand (&), such as in name1=value1&name2=value2. |
Use this method to set how to process the name-value pair. Available settings function as follows: * STATIC - The administrator-configured values are used. * DYNAMIC - The response is parsed, the form is extracted, and then submitted. |
Use this method to set name of the form field in which the user types in the password. |
Use this method to set maximum number of bytes to allow in the response size. Specifies the number of bytes in the response to be parsed for extracting the forms. |
Use this method to set expression that defines the criteria for SSO success. Expression such as checking for cookie in the response is a common example. |
Use this method to set hTTP method (GET or POST) used by the single sign-on form to send the logon credentials to the logon server. |
Use this method to set name of the form field in which the user types in the user ID. |
Use this method to set option to enable/disable Advanced ClientlessVpnMode. Additionaly, it can be set to STRICT to block Classic ClientlessVpnMode while in AdvancedClientlessMode. |
Use this method to set specify groups that have permission to log on to Citrix Gateway. Users who do not belong to this group or groups are denied access even if they have valid credentials. |
Use this method to set iP address of the proxy server to use for all protocols supported by Citrix Gateway. |
Use this method to set name of the AlwaysON profile. The builtin profile named none can be used to explicitly disable AlwaysON. |
Use this method to set the timeout value in seconds for tokens to access XenMobile applications |
Use this method to set comma-separated list of groups in which the user is placed when none of the groups that the user is a part of is configured on Citrix Gateway. The authorization policy can be bound to these groups to control access to the resources. |
Use this method to set uRL to auto proxy config file |
Use this method to set enables backend server certificate validation |
Use this method to set enables DTLS 1.2 for backend server handshakes |
Use this method to set enables sni extension for backend server handshakes |
Use this method to set web address for the Citrix Receiver home page. Configure Citrix Gateway so that when users log on to the appliance, the Citrix Gateway Plug-in opens a web browser that allows single sign-on to the Citrix Receiver home page. |
Use this method to set provide users with multiple logon options. With client choices, users have the option of logging on by using the Citrix Gateway Plug-in for Windows, Citrix Gateway Plug-in for Java, the Web Interface, or clientless access from one location. Depending on how Citrix Gateway is configured, users are presented with up to three icons for logon choices. The most common are the Citrix Gateway Plug-in for Windows, Web Interface, and clientless access. |
Use this method to set prompt for client-side cache clean-up when a client-initiated session closes. |
Use this method to set allow users to change client Debug logging level in Configuration tab of the Citrix Gateway Plug-in for Windows. |
Use this method to set set the trace level on Citrix Gateway. Technical support technicians use these debug logs for in-depth debugging and troubleshooting purposes. Available settings function as follows: * DEBUG - Detailed debug messages are collected and written into the specified file. * STATS - Application audit level error messages and debug statistic counters are written into the specified file. * EVENTS - Application audit-level error messages are written into the specified file. * OFF - Only critical events are logged into the Windows Application Log. NOTE: This attribute is deprecated. This argument is deprecated . |
Use this method to set time, in minutes, after which to time out the user session if Citrix Gateway does not detect mouse or keyboard activity. |
Use this method to set when clientless access is enabled, you can choose to encode the addresses of internal web applications or to leave the address as clear text. Available settings function as follows: * OPAQUE - Use standard encoding mechanisms to make the domain and protocol part of the resource unclear to users. * TRANSPARENT - Do not encode the web address and make it visible to users. * ENCRYPT - Allow the domain and protocol to be encrypted using a session key. When the web address is encrypted, the URL is different for each user session for the same web resource. If users bookmark the encoded web address, save it in the web browser and then log off, they cannot connect to the web address when they log on and use the bookmark. If users save the encrypted bookmark in the Access Interface during their session, the bookmark works each time the user logs on. |
Use this method to set state of persistent cookies in clientless access mode. Persistent cookies are required for accessing certain features of SharePoint, such as opening and editing Microsoft Word, Excel, and PowerPoint documents hosted on the SharePoint server. A persistent cookie remains on the user device and is sent with each HTTP request. Citrix Gateway encrypts the persistent cookie before sending it to the plug-in on the user device, and refreshes the cookie periodically as long as the session exists. The cookie becomes stale if the session ends. Available settings function as follows: * ALLOW - Enable persistent cookies. Users can open and edit Microsoft documents stored in SharePoint. * DENY - Disable persistent cookies. Users cannot open and edit Microsoft documents stored in SharePoint. * PROMPT - Prompt users to allow or deny persistent cookies during the session. Persistent cookies are not required for clientless access if users do not connect to SharePoint. |
Use this method to set enable clientless access for web, XenApp or XenDesktop, and FileShare resources without installing the Citrix Gateway Plug-in. Available settings function as follows: * ON - Allow only clientless access. * OFF - Allow clientless access after users log on with the Citrix Gateway Plug-in. * DISABLED - Do not allow clientless access. |
Use this method to set display only the configured menu options when you select the "Configure Citrix Gateway" option in the Citrix Gateway Plug-in's system tray icon for Windows. NOTE: This attribute is deprecated. This argument is deprecated . |
Use this method to set specify the client security check for the user device to permit a Citrix Gateway session. The web address or IP address is not included in the expression for the client security check. |
Use this method to set specifies whether or not to display all failed Client Security scans to the end user |
Use this method to set checkversion api |
Use this method to set specify the network resources that users have access to when they log on to the internal network. The default setting for authorization is to deny access to all network resources. Citrix recommends using the default global setting and then creating authorization policies to define the network resources users can access. If you set the default authorization policy to DENY, you must explicitly authorize access to any network resource, which improves security. |
Use this method to set enable device posture |
Use this method to set name of the DNS virtual server for the user session. |
Use this method to set web address for the web-based email, such as Outlook Web Access. |
Use this method to set enable encryption of client security expressions. |
Use this method to set choose between two types of End point Windows Client a) Application Agent - which always runs in the task bar as a standalone application and also has a supporting service which runs permanently when installed b) Activex Control - ActiveX control run by Microsoft Internet Explorer. NOTE: This attribute is deprecated. This argument is not supported |
Use this method to set force cache clean-up when the user closes a session. You can specify all, none, or any combination of the client-side items. |
Use this method to set force a disconnection from the Citrix Gateway Plug-in with Citrix Gateway after a specified number of minutes. If the session closes, the user must log on again. |
Use this method to set number of minutes to warn a user before the user session is disconnected. |
Use this method to set spoofed IP address range that can be used by client for FQDN based split tunneling |
Use this method to set iP address of the proxy server to be used for FTP access for all subsequent connections to the internal network. |
Use this method to set iP address of the proxy server to be used for GOPHER access for all subsequent connections to the internal network. |
Use this method to set web address of the home page that appears when users log on. Otherwise, users receive the default home page for Citrix Gateway, which is the Access Interface. |
Use this method to set destination port numbers other than port 80, added as a comma-separated list. Traffic to these ports is processed as HTTP traffic, which allows functionality, such as HTTP authorization and single sign-on to a web application to work. |
Use this method to set iP address of the proxy server to be used for HTTP access for all subsequent connections to the internal network. |
Use this method to set enable or disable HTTP tracking for packets proxied via vpn vserver using GSLB connection proxy feature. |
Use this method to set enable ICA proxy to configure secure Internet access to servers running Citrix XenApp or XenDesktop by using Citrix Receiver instead of the Citrix Gateway Plug-in. |
Use this method to set enable or disable ica session timeout. If enabled and in case AAA session gets terminated, ICA connections associated with that will also get terminated |
Use this method to set the name of the radiusPolicy to use for RADIUS user accounting info on the session. |
Use this method to set option to decide whether to show plugin icon along with receiver icon |
Use this method to set an intranet IP DNS suffix. When a user logs on to Citrix Gateway and is assigned an IP address, a DNS record for the user name and IP address combination is added to the Citrix Gateway DNS cache. You can configure a DNS suffix to append to the user name when the DNS record is added to the cache. You can reach to the host from where the user is logged on by using the user's name, which can be easier to remember than an IP address. When the user logs off from Citrix Gateway, the record is removed from the DNS cache. |
Use this method to set the KCD account details to be used in SSO |
Use this method to set specify whether the Citrix Gateway Plug-in should disconnect all preexisting connections, such as the connections existing before the user logged on to Citrix Gateway, and prevent new incoming connections on the Citrix Gateway Plug-in for Windows and MAC when the user is connected to Citrix Gateway and split tunneling is disabled. |
Use this method to set option to set plugin upgrade behaviour for Linux |
Use this method to set set local LAN access. If split tunneling is OFF, and you set local LAN access to ON, the local client can route traffic to its local interface. When the local area network switch is specified, this combination of switches is useful. The client can allow local LAN access to devices that commonly have non-routable addresses, such as local printers or local file servers. |
Use this method to set path to the logon script that is run when a session is established. Separate multiple scripts by using comma. A "$" in the path signifies that the word following the "$" is an environment variable. |
Use this method to set path to the logout script. Separate multiple scripts by using comma. A "$" in the path signifies that the word following the "$" is an environment variable. |
Use this method to set option to set plugin upgrade behaviour for Mac |
Use this method to set maximum number of Intranet IP that can be assigned to a user from AAA group, VPN vserver or VPN global pool. This setting is not applicable for AAA user level Intranet IP configuration |
Use this method to set validity of MDX Token in minutes. This token is used for mdx services to access backend and valid HEAD and GET request. |
Use this method to set single sign-on domain to use for single sign-on to applications in the internal network. This setting can be overwritten by the domain that users specify at the time of logon or by the domain that the authentication server returns. |
Use this method to set name of the PCOIP profile. |
Use this method to set set options to apply proxy for accessing the internal resources. Available settings function as follows: * BROWSER - Proxy settings are configured only in Internet Explorer and Firefox browsers. * NS - Proxy settings are configured on the Citrix ADC. * OFF - Proxy settings are not configured. |
Use this method to set proxy exception string that will be configured in the browser for bypassing the previously configured proxies. Allowed only if proxy type is Browser. |
Use this method to set bypass proxy server for local addresses option in Internet Explorer and Firefox proxy server settings. |
Use this method to set name of the RDP profile associated with the vserver. |
Use this method to set as defined in the local area network, allow only the following local area network addresses to bypass the VPN tunnel when the local LAN access feature is enabled: * 10.*.*.*, * 172.16.*.*, * 192.168.*.* |
Use this method to set sameSite attribute value for Cookies generated in VPN context. This attribute value will be appended only for the cookies which are specified in the builtin patset ns_cookies_samesite |
Use this method to set allow users to connect through Citrix Gateway to network resources from iOS and Android mobile devices with Citrix Receiver. Users do not need to establish a full VPN tunnel to access resources in the secure network. |
Use this method to set enables or disables the secure private access configuration. |
Use this method to set number of minutes after which the session times out. |
Use this method to set this is the default group that is chosen when the authentication succeeds in addition to extracted groups. |
Use this method to set iP address of the proxy server to be used for SOCKS access for all subsequent connections to the internal network. |
Use this method to set route the DNS requests to the local DNS server configured on the user device, or Citrix Gateway (remote), or both. |
Use this method to set send, through the tunnel, traffic only for intranet applications that are defined in Citrix Gateway. Route all other traffic directly to the Internet. The OFF setting routes all traffic through Citrix Gateway. With the REVERSE setting, intranet applications define the network traffic that is not intercepted. All network traffic directed to internal IP addresses bypasses the VPN tunnel, while other traffic goes through Citrix Gateway. Reverse split tunneling can be used to log all non-local LAN traffic. For example, if users have a home network and are logged on through the Citrix Gateway Plug-in, network traffic destined to a printer or another device within the home network is not intercepted. |
Use this method to set indicate whether or not the application requires IP spoofing, which routes the connection to the intranet application through the virtual adapter. NOTE: This attribute is deprecated. This argument is deprecated since snoofip is no longer supported. |
Use this method to set iP address of the proxy server to be used for SSL access for all subsequent connections to the internal network. |
Use this method to set set single sign-on (SSO) for the session. When the user accesses a server, the user's logon credentials are passed to the server for authentication. NOTE : This configuration does not honor the following authentication types for security reason. BASIC, DIGEST, and NTLM (without Negotiate NTLM2 Key or Negotiate Sign Flag). Use VPN TrafficAction to configure SSO for these authentication types. |
Use this method to set specify whether to use the primary or secondary authentication credentials for single sign-on to the server. |
Use this method to set web address for StoreFront to be used in this session for enumeration of resources from XenApp or XenDesktop. |
Use this method to set allow access to network resources by using a single IP address and subnet mask or a range of IP addresses. The OFF setting sets the mode to proxy, in which you configure destination and source IP addresses and port numbers. If you are using the Citrix Gateway Plug-in for Windows, set this parameter to ON, in which the mode is set to transparent. If you are using the Citrix Gateway Plug-in for Java, set this parameter to OFF. |
Use this method to set set VPN UI Theme to Green-Bubble, Caxton or Custom; default is Caxton. |
Use this method to set define IP address pool options. Available settings function as follows: * SPILLOVER - When an address pool is configured and the mapped IP is used as an intranet IP address, the mapped IP address is used when an intranet IP address cannot be assigned. * NOSPILLOVER - When intranet IP addresses are enabled and the mapped IP address is not used, the Transfer Login page appears for users who have used all available intranet IP addresses. * OFF - Address pool is not configured. |
Use this method to set enable or disable the use of a unique IP address alias, or a mapped IP address, as the client IP address for each client session. Allow Citrix Gateway to use the mapped IP address as an intranet IP address when all other IP addresses are not available. When IP pooling is configured and the mapped IP is used as an intranet IP address, the mapped IP address is used when an intranet IP address cannot be assigned. |
Use this method to set list of user domains specified as comma seperated value NOTE: This attribute is deprecated. Depricate UserDomains Option |
Use this method to set web address of the Web Interface server, such as http:// If Client Choices is ON, you must configure this setting. Because the user can choose between FullClient and ICAProxy, the user may see a different home page. An Internet web site may appear if the user gets the FullClient option, or a Web Interface site if the user gets the ICAProxy option. If the setting is not configured, the XenApp option does not appear as a client choice. |
Use this method to set enable or disable the Windows Auto Logon for the session. If a VPN session is established after this setting is enabled, the user is automatically logged on by using Windows credentials after the system is restarted. |
Use this method to set the Windows client type. Choose between two types of Windows Client\ a) Application Agent - which always runs in the task bar as a standalone application and also has a supporting service which runs permanently when installed\ b) Activex Control - ActiveX control run by Microsoft Internet Explorer. NOTE: This attribute is deprecated. This argument is deprecated since ActiveX is no longer supported. |
Use this method to set option to set plugin upgrade behaviour for Win |
Use this method to set wINS server IP address to add to Citrix Gateway for name resolution. |
Use this method to set layout on the Access Interface. The COMPACT value indicates the use of small icons. |
Use this method to set connection server URL |
Use this method to set iCV verification for PCOIP transport packets. |
Use this method to set pCOIP Idle Session timeout |
Use this method to set login domain for PCoIP users |
Use this method to set uDP port for PCoIP data traffic |
Use this method to set uRL to which the assertion is to be sent. |
Use this method to set name of attribute1 that needs to be sent in SAML Assertion |
Use this method to set name of attribute10 that needs to be sent in SAML Assertion |
Use this method to set name of attribute11 that needs to be sent in SAML Assertion |
Use this method to set name of attribute12 that needs to be sent in SAML Assertion |
Use this method to set name of attribute13 that needs to be sent in SAML Assertion |
Use this method to set name of attribute14 that needs to be sent in SAML Assertion |
Use this method to set name of attribute15 that needs to be sent in SAML Assertion |
Use this method to set name of attribute16 that needs to be sent in SAML Assertion |
Use this method to set name of attribute2 that needs to be sent in SAML Assertion |
Use this method to set name of attribute3 that needs to be sent in SAML Assertion |
Use this method to set name of attribute4 that needs to be sent in SAML Assertion |
Use this method to set name of attribute5 that needs to be sent in SAML Assertion |
Use this method to set name of attribute6 that needs to be sent in SAML Assertion |
Use this method to set name of attribute7 that needs to be sent in SAML Assertion |
Use this method to set name of attribute8 that needs to be sent in SAML Assertion |
Use this method to set name of attribute9 that needs to be sent in SAML Assertion |
Use this method to set audience for which assertion sent by IdP is applicable. This is typically entity name or url that represents ServiceProvider |
Use this method to set algorithm to be used to compute/verify digest for SAML transactions |
Use this method to set option to encrypt assertion when Citrix ADC sends one. |
Use this method to set algorithm to be used to encrypt SAML assertion |
Use this method to set expression that will be evaluated to obtain NameIdentifier to be sent in assertion |
Use this method to set format of Name Identifier sent in Assertion. |
Use this method to set expression to extract relaystate to be sent along with assertion. Evaluation of this expression should return TEXT content. This is typically a target url to which user is redirected after the recipient validates SAML token |
Use this method to set the name to be used in requests sent from Citrix ADC to IdP to uniquely identify Citrix ADC. |
Use this method to set name of the signing authority as given in the SAML server's SSL certificate. |
Use this method to set name of the SSL certificate of peer/receving party using which Assertion is encrypted. |
Use this method to set option to send password in assertion. NOTE: This attribute is deprecated. Send password feature has been deprecated. Please use custom attributes. |
Use this method to set option to sign portions of assertion when Citrix ADC IDP sends one. Based on the user selection, either Assertion or Response or Both or none can be signed |
Use this method to set algorithm to be used to sign/verify SAML transactions |
Use this method to set name of the service in cloud used to sign the data |
Use this method to set this option specifies the number of minutes on either side of current time that the assertion would be valid. For example, if skewTime is 10, then assertion would be valid from (current time - 10) min to (current time + 10) min, ie 20min in all. |
Use this method to set redirect option for access restricted pages |
Use this method to set secure Private Access Chrome Enterprise Premium mode of operation |
Use this method to set customer ID of the citrix cloud customer |
Use this method to set automatically configures the session for Citrix Secure Access client connectivity |
Use this method to set secure Private Access Shared Secret |
Use this method to set secure Private Access server URL |
Use this method to set option to enable/disable Advanced ClientlessVpnMode. Additionaly, it can be set to STRICT to block Classic ClientlessVpnMode while in AdvancedClientlessMode. |
Use this method to set specify groups that have permission to log on to Citrix Gateway. Users who do not belong to this group or groups are denied access even if they have valid credentials. |
Use this method to set iP address of the proxy server to use for all protocols supported by Citrix Gateway. |
Use this method to set name of the AlwaysON profile associated with the session action. The builtin profile named none can be used to explicitly disable AlwaysON for the session action. |
Use this method to set comma-separated list of groups in which the user is placed when none of the groups that the user is a part of is configured on Citrix Gateway. The authorization policy can be bound to these groups to control access to the resources. |
Use this method to set uRL to auto proxy config file |
Use this method to set web address for the Citrix Receiver home page. Configure Citrix Gateway so that when users log on to the appliance, the Citrix Gateway Plug-in opens a web browser that allows single sign-on to the Citrix Receiver home page. |
Use this method to set provide users with multiple logon options. With client choices, users have the option of logging on by using the Citrix Gateway Plug-in for Windows, Citrix Gateway Plug-in for Java, the Web Interface, or clientless access from one location. Depending on how Citrix Gateway is configured, users are presented with up to three icons for logon choices. The most common are the Citrix Gateway Plug-in for Windows, Web Interface, and clientless access. |
Use this method to set prompt for client-side cache clean-up when a client-initiated session closes. |
Use this method to set allow users to change client Debug logging level in Configuration tab of the Citrix Gateway Plug-in for Windows. |
Use this method to set set the trace level on Citrix Gateway. Technical support technicians use these debug logs for in-depth debugging and troubleshooting purposes. Available settings function as follows: * DEBUG - Detailed debug messages are collected and written into the specified file. * STATS - Application audit level error messages and debug statistic counters are written into the specified file. * EVENTS - Application audit-level error messages are written into the specified file. * OFF - Only critical events are logged into the Windows Application Log. NOTE: This attribute is deprecated. This argument is deprecated . |
Use this method to set time, in minutes, after which to time out the user session if Citrix Gateway does not detect mouse or keyboard activity. |
Use this method to set when clientless access is enabled, you can choose to encode the addresses of internal web applications or to leave the address as clear text. Available settings function as follows: * OPAQUE - Use standard encoding mechanisms to make the domain and protocol part of the resource unclear to users. * CLEAR - Do not encode the web address and make it visible to users. * ENCRYPT - Allow the domain and protocol to be encrypted using a session key. When the web address is encrypted, the URL is different for each user session for the same web resource. If users bookmark the encoded web address, save it in the web browser and then log off, they cannot connect to the web address when they log on and use the bookmark. If users save the encrypted bookmark in the Access Interface during their session, the bookmark works each time the user logs on. |
Use this method to set state of persistent cookies in clientless access mode. Persistent cookies are required for accessing certain features of SharePoint, such as opening and editing Microsoft Word, Excel, and PowerPoint documents hosted on the SharePoint server. A persistent cookie remains on the user device and is sent with each HTTP request. Citrix Gateway encrypts the persistent cookie before sending it to the plug-in on the user device, and refreshes the cookie periodically as long as the session exists. The cookie becomes stale if the session ends. Available settings function as follows: * ALLOW - Enable persistent cookies. Users can open and edit Microsoft documents stored in SharePoint. * DENY - Disable persistent cookies. Users cannot open and edit Microsoft documents stored in SharePoint. * PROMPT - Prompt users to allow or deny persistent cookies during the session. Persistent cookies are not required for clientless access if users do not connect to SharePoint. |
Use this method to set enable clientless access for web, XenApp or XenDesktop, and FileShare resources without installing the Citrix Gateway Plug-in. Available settings function as follows: * ON - Allow only clientless access. * OFF - Allow clientless access after users log on with the Citrix Gateway Plug-in. * DISABLED - Do not allow clientless access. |
Use this method to set display only the configured menu options when you select the "Configure Citrix Gateway" option in the Citrix Gateway Plug-in system tray icon for Windows. NOTE: This attribute is deprecated. This argument is deprecated . |
Use this method to set specify the client security check for the user device to permit a Citrix Gateway session. The web address or IP address is not included in the expression for the client security check. |
Use this method to set set the logging of client security checks. |
Use this method to set specify the network resources that users have access to when they log on to the internal network. The default setting for authorization is to deny access to all network resources. Citrix recommends using the default global setting and then creating authorization policies to define the network resources users can access. If you set the default authorization policy to DENY, you must explicitly authorize access to any network resource, which improves security. |
Use this method to set name of the DNS virtual server for the user session. |
Use this method to set web address for the web-based email, such as Outlook Web Access. |
Use this method to set choose between two types of End point Windows Client a) Application Agent - which always runs in the task bar as a standalone application and also has a supporting service which runs permanently when installed b) Activex Control - ActiveX control run by Microsoft Internet Explorer. NOTE: This attribute is deprecated. This argument is not supported |
Use this method to set force cache clean-up when the user closes a session. You can specify all, none, or any combination of the client-side items. |
Use this method to set force a disconnection from the Citrix Gateway Plug-in with Citrix Gateway after a specified number of minutes. If the session closes, the user must log on again. |
Use this method to set number of minutes to warn a user before the user session is disconnected. |
Use this method to set spoofed IP address range that can be used by client for FQDN based split tunneling |
Use this method to set iP address of the proxy server to be used for FTP access for all subsequent connections to the internal network. |
Use this method to set iP address of the proxy server to be used for GOPHER access for all subsequent connections to the internal network. |
Use this method to set web address of the home page that appears when users log on. Otherwise, users receive the default home page for Citrix Gateway, which is the Access Interface. |
Use this method to set destination port numbers other than port 80, added as a comma-separated list. Traffic to these ports is processed as HTTP traffic, which allows functionality, such as HTTP authorization and single sign-on to a web application to work. |
Use this method to set iP address of the proxy server to be used for HTTP access for all subsequent connections to the internal network. |
Use this method to set enable ICA proxy to configure secure Internet access to servers running Citrix XenApp or XenDesktop by using Citrix Receiver instead of the Citrix Gateway Plug-in. |
Use this method to set option to decide whether to show plugin icon along with receiver |
Use this method to set an intranet IP DNS suffix. When a user logs on to Citrix Gateway and is assigned an IP address, a DNS record for the user name and IP address combination is added to the Citrix Gateway DNS cache. You can configure a DNS suffix to append to the user name when the DNS record is added to the cache. You can reach to the host from where the user is logged on by using the user's name, which can be easier to remember than an IP address. When the user logs off from Citrix Gateway, the record is removed from the DNS cache. |
Use this method to set the kcd account details to be used in SSO |
Use this method to set specify whether the Citrix Gateway Plug-in should disconnect all preexisting connections, such as the connections existing before the user logged on to Citrix Gateway, and prevent new incoming connections on the Citrix Gateway Plug-in for Windows and MAC when the user is connected to Citrix Gateway and split tunneling is disabled. |
Use this method to set option to set plugin upgrade behaviour for Linux |
Use this method to set set local LAN access. If split tunneling is OFF, and you set local LAN access to ON, the local client can route traffic to its local interface. When the local area network switch is specified, this combination of switches is useful. The client can allow local LAN access to devices that commonly have non-routable addresses, such as local printers or local file servers. |
Use this method to set path to the logon script that is run when a session is established. Separate multiple scripts by using comma. A "$" in the path signifies that the word following the "$" is an environment variable. |
Use this method to set path to the logout script. Separate multiple scripts by using comma. A "$" in the path signifies that the word following the "$" is an environment variable. |
Use this method to set option to set plugin upgrade behaviour for Mac |
Use this method to set single sign-on domain to use for single sign-on to applications in the internal network. This setting can be overwritten by the domain that users specify at the time of logon or by the domain that the authentication server returns. |
Use this method to set name of the PCOIP profile associated with the session action. The builtin profile named none can be used to explicitly disable PCOIP for the session action. |
Use this method to set set options to apply proxy for accessing the internal resources. Available settings function as follows: * BROWSER - Proxy settings are configured only in Internet Explorer and Firefox browsers. * NS - Proxy settings are configured on the Citrix ADC. * OFF - Proxy settings are not configured. |
Use this method to set proxy exception string that will be configured in the browser for bypassing the previously configured proxies. Allowed only if proxy type is Browser. |
Use this method to set bypass proxy server for local addresses option in Internet Explorer and Firefox proxy server settings. |
Use this method to set name of the RDP profile associated with the vserver. |
Use this method to set as defined in the local area network, allow only the following local area network addresses to bypass the VPN tunnel when the local LAN access feature is enabled: * 10.*.*.*, * 172.16.*.*, * 192.168.*.* |
Use this method to set allow users to connect through Citrix Gateway to network resources from iOS and Android mobile devices with Citrix Receiver. Users do not need to establish a full VPN tunnel to access resources in the secure network. |
Use this method to set number of minutes after which the session times out. |
Use this method to set the authentication type configured for the Citrix Gateway on StoreFront. |
Use this method to set this is the default group that is chosen when the authentication succeeds in addition to extracted groups. |
Use this method to set iP address of the proxy server to be used for SOCKS access for all subsequent connections to the internal network. |
Use this method to set route the DNS requests to the local DNS server configured on the user device, or Citrix Gateway (remote), or both. |
Use this method to set send, through the tunnel, traffic only for intranet applications that are defined in Citrix Gateway. Route all other traffic directly to the Internet. The OFF setting routes all traffic through Citrix Gateway. With the REVERSE setting, intranet applications define the network traffic that is not intercepted. All network traffic directed to internal IP addresses bypasses the VPN tunnel, while other traffic goes through Citrix Gateway. Reverse split tunneling can be used to log all non-local LAN traffic. For example, if users have a home network and are logged on through the Citrix Gateway Plug-in, network traffic destined to a printer or another device within the home network is not intercepted. |
Use this method to set iP address that the intranet application uses to route the connection through the virtual adapter. NOTE: This attribute is deprecated. This argument is deprecated since snoofip is no longer supported. |
Use this method to set iP address of the proxy server to be used for SSL access for all subsequent connections to the internal network. |
Use this method to set set single sign-on (SSO) for the session. When the user accesses a server, the user's logon credentials are passed to the server for authentication. NOTE : This configuration does not honor the following authentication types for security reason. BASIC, DIGEST, and NTLM (without Negotiate NTLM2 Key or Negotiate Sign Flag). Use VPN TrafficAction to configure SSO for these authentication types. |
Use this method to set specify whether to use the primary or secondary authentication credentials for single sign-on to the server. |
Use this method to set web address for StoreFront to be used in this session for enumeration of resources from XenApp or XenDesktop. |
Use this method to set allow access to network resources by using a single IP address and subnet mask or a range of IP addresses. The OFF setting sets the mode to proxy, in which you configure destination and source IP addresses and port numbers. If you are using the Citrix Gateway Plug-in for Windows, set this parameter to ON, in which the mode is set to transparent. If you are using the Citrix Gateway Plug-in for Java, set this parameter to OFF. |
Use this method to set define IP address pool options. Available settings function as follows: * SPILLOVER - When an address pool is configured and the mapped IP is used as an intranet IP address, the mapped IP address is used when an intranet IP address cannot be assigned. * NOSPILLOVER - When intranet IP addresses are enabled and the mapped IP address is not used, the Transfer Login page appears for users who have used all available intranet IP addresses. * OFF - Address pool is not configured. |
Use this method to set enable or disable the use of a unique IP address alias, or a mapped IP address, as the client IP address for each client session. Allow Citrix Gateway to use the mapped IP address as an intranet IP address when all other IP addresses are not available. When IP pooling is configured and the mapped IP is used as an intranet IP address, the mapped IP address is used when an intranet IP address cannot be assigned. |
Use this method to set name of RADIUS Policy to use for user accounting |
Use this method to set web address of the Web Interface server, such as http:// If Client Choices is ON, you must configure this setting. Because the user can choose between FullClient and ICAProxy, the user may see a different home page. An Internet web site may appear if the user gets the FullClient option, or a Web Interface site if the user gets the ICAProxy option. If the setting is not configured, the XenApp option does not appear as a client choice. |
Use this method to set enable or disable the Windows Auto Logon for the session. If a VPN session is established after this setting is enabled, the user is automatically logged on by using Windows credentials after the system is restarted. |
Use this method to set choose between two types of Windows Client\ a) Application Agent - which always runs in the task bar as a standalone application and also has a supporting service which runs permanently when installed\ b) Activex Control - ActiveX control run by Microsoft Internet Explorer. NOTE: This attribute is deprecated. This argument is deprecated since ActiveX is no longer supported. |
Use this method to set option to set plugin upgrade behaviour for Win |
Use this method to set the WINS server ip address. |
Use this method to set layout on the Access Interface. The COMPACT value indicates the use of small icons. |
Use this method to set action to be applied by the new session policy if the rule criteria are met. |
Use this method to set expression, or name of a named expression, specifying the traffic that matches the policy. The following requirements apply only to the Citrix ADC CLI: * If the expression includes one or more spaces, enclose the entire expression in double quotation marks. * If the expression itself includes double quotation marks, escape the quotations by using the \ character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. |
Use this method to set maximum amount of time, in minutes, a user can stay logged on to the web application. |
Use this method to set name of the form-based single sign-on profile. Form-based single sign-on allows users to log on one time to all protected applications in your network, instead of requiring them to log on separately to access each one. |
Use this method to set specify file type association, which is a list of file extensions that users are allowed to open. |
Use this method to set provide hdx proxy to the ICA traffic |
Use this method to set kerberos constrained delegation account name |
Use this method to set expression that will be evaluated to obtain password for SingleSignOn |
Use this method to set iP address and Port of the proxy server to be used for HTTP access for this request. |
Use this method to set profile to be used for doing SAML SSO to remote relying party |
Use this method to set provide single sign-on to the web application. NOTE : Authentication mechanisms like Basic-authentication require the user credentials to be sent in plaintext which is not secure if the server is running on HTTP (instead of HTTPS). |
Use this method to set expression that will be evaluated to obtain username for SingleSignOn |
Use this method to set use the Repeater Plug-in to optimize network traffic. |
Use this method to set action to apply to traffic that matches the policy. |
Use this method to set expression, or name of a named expression, against which traffic is evaluated. The following requirements apply only to the Citrix ADC CLI: * If the expression includes one or more spaces, enclose the entire expression in double quotation marks. * If the expression itself includes double quotation marks, escape the quotations by using the \ character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. |
Use this method to set web address for the bookmark link. |
Use this method to set to store the template details in the json format. |
Use this method to set the type of application this VPN URL represents. Possible values are CVPN/SaaS/VPN |
Use this method to set if clientless access to the resource hosting the link is allowed, also use clientless access for the bookmarked web address in the Secure Client Access based session. Allows single sign-on and other HTTP processing on Citrix Gateway for HTTPS resources. |
Use this method to set any comments associated with the bookmark link. |
Use this method to set uRL to fetch icon file for displaying this resource. |
Use this method to set description of the bookmark link. The description appears in the Access Interface. |
Use this method to set profile to be used for doing SAML SSO |
Use this method to set single sign on type for unified gateway |
Use this method to set name of the associated LB/CS vserver |
Use this method to set web address for the bookmark link. |
Use this method to set the type of application this VPN URL represents. Possible values are CVPN/SaaS/VPN |
Use this method to set if clientless access to the resource hosting the link is allowed, also use clientless access for the bookmarked web address in the Secure Client Access based session. Allows single sign-on and other HTTP processing on NetScaler Gateway for HTTPS resources. |
Use this method to set any comments associated with the bookmark link. |
Use this method to set uRL to fetch icon file for displaying this resource. |
Use this method to set description of the bookmark link. The description appears in the Access Interface. |
Use this method to set profile to be used for doing SAML SSO |
Use this method to set single sign on type for unified gateway |
Use this method to set name of the associated vserver to handle selfAuth SSO |
Use this method to set action to be applied by the new urlPolicy if the rule criteria are met. |
Use this method to set any comments to preserve information about this policy. |
Use this method to set name of messagelog action to use when a request matches this policy. |
Use this method to set expression, or name of a named expression, specifying the traffic that matches the policy. The following requirements apply only to the NetScaler CLI: * If the expression includes one or more spaces, enclose the entire expression in double quotation marks. * If the expression itself includes double quotation marks, escape the quotations by using the \ character. * Alternatively, you can use single quotation marks to enclose the rule, in which case you do not have to escape the double quotation marks. |
Use this method to set indicates whether advanced EPA is configured for this virtual server NOTE: This attribute is deprecated. Depricated AdvanceEPA Option |
Use this method to set log AppFlow records that contain standard NetFlow or IPFIX information, such as time stamps for the beginning and end of a flow, packet count, and byte count. Also log records that contain application-level information, such as HTTP web addresses, HTTP request methods and response status codes, server response time, and latency. |
Use this method to set require authentication for users connecting to Citrix Gateway. |
Use this method to set authentication Profile entity on virtual server. This entity can be used to offload authentication to AAA vserver for multi-factor(nFactor) authentication |
Use this method to set name of the certkey which was bound to the corresponding SSL virtual server as the Certificate Authority for the device certificate |
Use this method to set when client requests ShareFile resources and Citrix Gateway detects that the user is unauthenticated or the user session has expired, disabling this option takes the user to the originally requested ShareFile resource after authentication (instead of taking the user to the default VPN home page) |
Use this method to set any comments associated with the virtual server. |
Use this method to set indicates whether device certificate check as a part of EPA is enabled or not. |
Use this method to set enable device posture |
Use this method to set use the Citrix Gateway appliance in a double-hop configuration. A double-hop deployment provides an extra layer of security for the internal network by using three firewalls to divide the DMZ into two stages. Such a deployment can have one appliance in the DMZ and one appliance in the secure network. |
Use this method to set close existing connections when the virtual server is marked DOWN, which means the server might have timed out. Disconnecting existing connections frees resources and in certain cases speeds recovery of overloaded load balancing setups. Enable this setting on servers in which the connections can safely be closed when they are marked DOWN. Do not enable DOWN state flush on servers that must complete their transactions. |
Use this method to set this option starts/stops the turn service on the vserver |
Use this method to set number of minutes an account will be locked if user exceeds maximum permissible attempts |
Use this method to set name of the HTTP profile to assign to this virtual server. |
Use this method to set - When set to ON, it implies Basic mode where the user can log on using either Citrix Receiver or a browser and get access to the published apps configured at the XenApp/XenDEsktop environment pointed out by the WIHome parameter. Users are not allowed to connect using the Citrix Gateway Plug-in and end point scans cannot be configured. Number of users that can log in and access the apps are not limited by the license in this mode. - When set to OFF, it implies Smart Access mode where the user can log on using either Citrix Receiver or a browser or a Citrix Gateway Plug-in. The admin can configure end point scans to be run on the client systems and then use the results to control access to the published apps. In this mode, the client can connect to the gateway in other client modes namely VPN and CVPN. Number of users that can log in and access the resources are limited by the CCU licenses in this mode. |
Use this method to set this option determines if an existing ICA Proxy session is transferred when the user logs on from another device. |
Use this method to set criterion for responding to PING requests sent to this virtual server. If this parameter is set to ACTIVE, respond only if the virtual server is available. With the PASSIVE setting, respond even if the virtual server is not available. |
Use this method to set iPv4 or IPv6 address of the Citrix Gateway virtual server. Usually a public IP address. User devices send connection requests to this IP address. |
Use this method to set the list of IPv4/IPv6 addresses bound to ipset would form a part of listening service on the current vpn vserver |
Use this method to set use Layer 2 parameters (channel number, MAC address, and VLAN ID) in addition to the 4-tuple ( |
Use this method to set option to set plugin upgrade behaviour for Linux |
Use this method to set string specifying the listen policy for the Citrix Gateway virtual server. Can be either a named expression or an expression. The Citrix Gateway virtual server processes only the traffic for which the expression evaluates to true. |
Use this method to set integer specifying the priority of the listen policy. A higher number specifies a lower priority. If a request matches the listen policies of more than one virtual server, the virtual server whose listen policy has the highest priority (the lowest priority number) accepts the request. |
Use this method to set this option enables/disables seamless SSO for this Vserver. |
Use this method to set option to VPN plugin behavior when smartcard or its reader is removed |
Use this method to set option to set plugin upgrade behaviour for Mac |
Use this method to set maximum number of concurrent user sessions allowed on this virtual server. The actual number of users allowed to log on to this virtual server depends on the total number of user licenses. |
Use this method to set maximum number of logon attempts |
Use this method to set the name of the network profile. |
Use this method to set name of the PCoIP vserver profile associated with the vserver. |
Use this method to set name of the QUIC profile to assign to this virtual server. |
Use this method to set name of the RDP server profile associated with the vserver. |
Use this method to set a host route is injected according to the setting on the virtual servers. * If set to PASSIVE on all the virtual servers that share the IP address, the appliance always injects the hostroute. * If set to ACTIVE on all the virtual servers that share the IP address, the appliance injects even if one virtual server is UP. * If set to ACTIVE on some virtual servers and PASSIVE on the others, the appliance injects even if one virtual server set to ACTIVE is UP. |
Use this method to set sameSite attribute value for Cookies generated in VPN context. This attribute value will be appended only for the cookies which are specified in the builtin patset ns_cookies_samesite |
Use this method to set configure secure private access |
Use this method to set name of the TCP profile to assign to this virtual server. |
Use this method to set list of user domains specified as comma seperated value NOTE: This attribute is deprecated. Depricate UserDomains Option |
Use this method to set fully qualified domain name for a VPN virtual server. This is used during StoreFront configuration generation. |
Use this method to set option to set plugin upgrade behaviour for Win |
Use this method to unbind appcontroller from vpn global. |
Use this method to unbind cacert from vpn global. |
Use this method to unbind certkey from vpn global. |
Use this method to unbind eula from vpn global. |
Use this method to unbind intranetapplication from vpn global. |
Use this method to unbind intranetdomain from vpn global. |
Use this method to unbind intranetip from vpn global. |
Use this method to unbind intranetip6 from vpn global. |
Use this method to unbind nexthopserver from vpn global. |
Use this method to unbind policy from vpn global. |
Use this method to unbind portaltheme from vpn global. |
Use this method to unbind secureprivateaccessprofile from vpn global. |
Use this method to unbind secureprivateaccessurl from vpn global. |
Use this method to unbind sharefile from vpn global. |
Use this method to unbind staserver from vpn global. |
Use this method to unbind url from vpn global. |
Use this method to unbind userdataencryptionkey from vpn global. |
Use this method to unbind analyticsprofile from vpn vserver. |
Use this method to unbind appcontroller from vpn vserver. |
Use this method to unbind epaprofile from vpn vserver. |
Use this method to unbind eula from vpn vserver. |
Use this method to unbind intranetapplication from vpn vserver. |
Use this method to unbind intranetip from vpn vserver. |
Use this method to unbind intranetip6 from vpn vserver. |
Use this method to unbind nexthopserver from vpn vserver. |
Use this method to unbind policy from vpn vserver. |
Use this method to unbind portaltheme from vpn vserver. |
Use this method to unbind secureprivateaccessprofile from vpn vserver. |
Use this method to unbind secureprivateaccessurl from vpn vserver. |
Use this method to unbind sharefile from vpn vserver. |
Use this method to unbind staserver from vpn vserver. |
Use this method to unbind url from vpn vserver. |
Remove vpn alwaysONProfile clientcontrol setting. |
Remove vpn alwaysONProfile locationbasedvpn setting. |
Remove vpn alwaysONProfile networkaccessonvpnfailure setting. |
Remove vpn clientlessAccessProfile clientconsumedcookies setting. |
Remove vpn clientlessAccessProfile javascriptrewritepolicylabel setting. |
Remove vpn clientlessAccessProfile regexforfindingcustomurls setting. |
Remove vpn clientlessAccessProfile regexforfindingurlincss setting. |
Remove vpn clientlessAccessProfile regexforfindingurlinjavascript setting. |
Remove vpn clientlessAccessProfile regexforfindingurlinxcomponent setting. |
Remove vpn clientlessAccessProfile regexforfindingurlinxml setting. |
Remove vpn clientlessAccessProfile reqhdrrewritepolicylabel setting. |
Remove vpn clientlessAccessProfile requirepersistentcookie setting. |
Remove vpn clientlessAccessProfile reshdrrewritepolicylabel setting. |
Remove vpn clientlessAccessProfile urlrewritepolicylabel setting. |
Remove vpn formSSOAction namevaluepair setting. |
Remove vpn formSSOAction nvtype setting. |
Remove vpn formSSOAction responsesize setting. |
Remove vpn formSSOAction submitmethod setting. |
Remove vpn parameter accessrestrictedpageredirect setting. |
Remove vpn parameter advancedclientlessvpnmode setting. |
Remove vpn parameter allowedlogingroups setting. |
Remove vpn parameter allprotocolproxy setting. |
Remove vpn parameter alwaysonprofile setting. |
Remove vpn parameter apptokentimeout setting. |
Remove vpn parameter authorizationgroup setting. |
Remove vpn parameter autoproxyurl setting. |
Remove vpn parameter backendcertvalidation setting. |
Remove vpn parameter backenddtls12 setting. |
Remove vpn parameter backendserversni setting. |
Remove vpn parameter citrixreceiverhome setting. |
Remove vpn parameter clientchoices setting. |
Remove vpn parameter clientcleanupprompt setting. |
Remove vpn parameter clientconfiguration setting. |
Remove vpn parameter clientdebug setting. |
Remove vpn parameter clientidletimeout setting. |
Remove vpn parameter clientlessmodeurlencoding setting. |
Remove vpn parameter clientlesspersistentcookie setting. |
Remove vpn parameter clientlessvpnmode setting. |
Remove vpn parameter clientoptions setting. |
Remove vpn parameter clientsecurity setting. |
Remove vpn parameter clientsecuritygroup setting. |
Remove vpn parameter clientsecuritylog setting. |
Remove vpn parameter clientsecuritymessage setting. |
Remove vpn parameter clientversions setting. |
Remove vpn parameter defaultauthorizationaction setting. |
Remove vpn parameter deviceposture setting. |
Remove vpn parameter dnsvserver setting. |
Remove vpn parameter emailhome setting. |
Remove vpn parameter encryptcsecexp setting. |
Remove vpn parameter epaclienttype setting. |
Remove vpn parameter forcecleanup setting. |
Remove vpn parameter forcedtimeout setting. |
Remove vpn parameter forcedtimeoutwarning setting. |
Remove vpn parameter fqdnspoofedip setting. |
Remove vpn parameter ftpproxy setting. |
Remove vpn parameter gopherproxy setting. |
Remove vpn parameter homepage setting. |
Remove vpn parameter httpport setting. |
Remove vpn parameter httpproxy setting. |
Remove vpn parameter httptrackconnproxy setting. |
Remove vpn parameter icaproxy setting. |
Remove vpn parameter icasessiontimeout setting. |
Remove vpn parameter icauseraccounting setting. |
Remove vpn parameter iconwithreceiver setting. |
Remove vpn parameter iipdnssuffix setting. |
Remove vpn parameter kcdaccount setting. |
Remove vpn parameter killconnections setting. |
Remove vpn parameter linuxpluginupgrade setting. |
Remove vpn parameter locallanaccess setting. |
Remove vpn parameter loginscript setting. |
Remove vpn parameter logoutscript setting. |
Remove vpn parameter macpluginupgrade setting. |
Remove vpn parameter maxiipperuser setting. |
Remove vpn parameter mdxtokentimeout setting. |
Remove vpn parameter netmask setting. |
Remove vpn parameter ntdomain setting. |
Remove vpn parameter pcoipprofile setting. |
Remove vpn parameter proxy setting. |
Remove vpn parameter proxyexception setting. |
Remove vpn parameter proxylocalbypass setting. |
Remove vpn parameter rdpclientprofile setting. |
Remove vpn parameter rfc1918 setting. |
Remove vpn parameter samesite setting. |
Remove vpn parameter securebrowse setting. |
Remove vpn parameter secureprivateaccess setting. |
Remove vpn parameter secureprivateaccessprofile setting. |
Remove vpn parameter sesstimeout setting. |
Remove vpn parameter smartgroup setting. |
Remove vpn parameter socksproxy setting. |
Remove vpn parameter splitdns setting. |
Remove vpn parameter splittunnel setting. |
Remove vpn parameter spoofiip setting. |
Remove vpn parameter sslproxy setting. |
Remove vpn parameter sso setting. |
Remove vpn parameter ssocredential setting. |
Remove vpn parameter storefronturl setting. |
Remove vpn parameter transparentinterception setting. |
Remove vpn parameter uitheme setting. |
Remove vpn parameter useiip setting. |
Remove vpn parameter usemip setting. |
Remove vpn parameter userdomains setting. |
Remove vpn parameter wihome setting. |
Remove vpn parameter windowsautologon setting. |
Remove vpn parameter windowsclienttype setting. |
Remove vpn parameter windowspluginupgrade setting. |
Remove vpn parameter winsip setting. |
Remove vpn parameter wiportalmode setting. |
Remove vpn pcoipProfile icvverification setting. |
Remove vpn pcoipProfile sessionidletimeout setting. |
Remove vpn pcoipVserverProfile udpport setting. |
Remove vpn samlSSOProfile attribute1 setting. |
Remove vpn samlSSOProfile attribute10 setting. |
Remove vpn samlSSOProfile attribute10format setting. |
Remove vpn samlSSOProfile attribute10friendly setting. |
Remove vpn samlSSOProfile attribute11 setting. |
Remove vpn samlSSOProfile attribute11format setting. |
Remove vpn samlSSOProfile attribute11friendly setting. |
Remove vpn samlSSOProfile attribute12 setting. |
Remove vpn samlSSOProfile attribute12format setting. |
Remove vpn samlSSOProfile attribute12friendly setting. |
Remove vpn samlSSOProfile attribute13 setting. |
Remove vpn samlSSOProfile attribute13format setting. |
Remove vpn samlSSOProfile attribute13friendly setting. |
Remove vpn samlSSOProfile attribute14 setting. |
Remove vpn samlSSOProfile attribute14format setting. |
Remove vpn samlSSOProfile attribute14friendly setting. |
Remove vpn samlSSOProfile attribute15 setting. |
Remove vpn samlSSOProfile attribute15format setting. |
Remove vpn samlSSOProfile attribute15friendly setting. |
Remove vpn samlSSOProfile attribute16 setting. |
Remove vpn samlSSOProfile attribute16format setting. |
Remove vpn samlSSOProfile attribute16friendly setting. |
Remove vpn samlSSOProfile attribute1format setting. |
Remove vpn samlSSOProfile attribute1friendly setting. |
Remove vpn samlSSOProfile attribute2 setting. |
Remove vpn samlSSOProfile attribute2format setting. |
Remove vpn samlSSOProfile attribute2friendly setting. |
Remove vpn samlSSOProfile attribute3 setting. |
Remove vpn samlSSOProfile attribute3format setting. |
Remove vpn samlSSOProfile attribute3friendly setting. |
Remove vpn samlSSOProfile attribute4 setting. |
Remove vpn samlSSOProfile attribute4format setting. |
Remove vpn samlSSOProfile attribute4friendly setting. |
Remove vpn samlSSOProfile attribute5 setting. |
Remove vpn samlSSOProfile attribute5format setting. |
Remove vpn samlSSOProfile attribute5friendly setting. |
Remove vpn samlSSOProfile attribute6 setting. |
Remove vpn samlSSOProfile attribute6format setting. |
Remove vpn samlSSOProfile attribute6friendly setting. |
Remove vpn samlSSOProfile attribute7 setting. |
Remove vpn samlSSOProfile attribute7format setting. |
Remove vpn samlSSOProfile attribute7friendly setting. |
Remove vpn samlSSOProfile attribute8 setting. |
Remove vpn samlSSOProfile attribute8format setting. |
Remove vpn samlSSOProfile attribute8friendly setting. |
Remove vpn samlSSOProfile attribute9 setting. |
Remove vpn samlSSOProfile attribute9format setting. |
Remove vpn samlSSOProfile attribute9friendly setting. |
Remove vpn samlSSOProfile audience setting. |
Remove vpn samlSSOProfile digestmethod setting. |
Remove vpn samlSSOProfile encryptassertion setting. |
Remove vpn samlSSOProfile encryptionalgorithm setting. |
Remove vpn samlSSOProfile nameidexpr setting. |
Remove vpn samlSSOProfile nameidformat setting. |
Remove vpn samlSSOProfile relaystaterule setting. |
Remove vpn samlSSOProfile samlissuer setting. |
Remove vpn samlSSOProfile samlsigningcert setting. |
Remove vpn samlSSOProfile samlspcert setting. |
Remove vpn samlSSOProfile sendpassword setting. |
Remove vpn samlSSOProfile signassertion setting. |
Remove vpn samlSSOProfile signaturealg setting. |
Remove vpn samlSSOProfile signatureservice setting. |
Remove vpn samlSSOProfile skewtime setting. |
Remove vpn securePrivateAccessProfile accessrestrictedpageredirect setting. |
Remove vpn securePrivateAccessProfile chromeenterprisepremiummode setting. |
Remove vpn securePrivateAccessProfile customerid setting. |
Remove vpn securePrivateAccessProfile forceclienttype setting. |
Remove vpn securePrivateAccessProfile googlecustomerid setting. |
Remove vpn securePrivateAccessProfile googlesecuritygatewayid setting. |
Remove vpn securePrivateAccessProfile sharedsecret setting. |
Remove vpn sessionAction advancedclientlessvpnmode setting. |
Remove vpn sessionAction allowedlogingroups setting. |
Remove vpn sessionAction allprotocolproxy setting. |
Remove vpn sessionAction alwaysonprofile setting. |
Remove vpn sessionAction authorizationgroup setting. |
Remove vpn sessionAction autoproxyurl setting. |
Remove vpn sessionAction citrixreceiverhome setting. |
Remove vpn sessionAction clientchoices setting. |
Remove vpn sessionAction clientcleanupprompt setting. |
Remove vpn sessionAction clientconfiguration setting. |
Remove vpn sessionAction clientdebug setting. |
Remove vpn sessionAction clientidletimeout setting. |
Remove vpn sessionAction clientlessmodeurlencoding setting. |
Remove vpn sessionAction clientlesspersistentcookie setting. |
Remove vpn sessionAction clientlessvpnmode setting. |
Remove vpn sessionAction clientoptions setting. |
Remove vpn sessionAction clientsecurity setting. |
Remove vpn sessionAction clientsecuritygroup setting. |
Remove vpn sessionAction clientsecuritylog setting. |
Remove vpn sessionAction clientsecuritymessage setting. |
Remove vpn sessionAction defaultauthorizationaction setting. |
Remove vpn sessionAction dnsvserver setting. |
Remove vpn sessionAction emailhome setting. |
Remove vpn sessionAction epaclienttype setting. |
Remove vpn sessionAction forcecleanup setting. |
Remove vpn sessionAction forcedtimeout setting. |
Remove vpn sessionAction forcedtimeoutwarning setting. |
Remove vpn sessionAction fqdnspoofedip setting. |
Remove vpn sessionAction ftpproxy setting. |
Remove vpn sessionAction gopherproxy setting. |
Remove vpn sessionAction homepage setting. |
Remove vpn sessionAction httpport setting. |
Remove vpn sessionAction httpproxy setting. |
Remove vpn sessionAction icaproxy setting. |
Remove vpn sessionAction iconwithreceiver setting. |
Remove vpn sessionAction iipdnssuffix setting. |
Remove vpn sessionAction kcdaccount setting. |
Remove vpn sessionAction killconnections setting. |
Remove vpn sessionAction linuxpluginupgrade setting. |
Remove vpn sessionAction locallanaccess setting. |
Remove vpn sessionAction loginscript setting. |
Remove vpn sessionAction logoutscript setting. |
Remove vpn sessionAction macpluginupgrade setting. |
Remove vpn sessionAction netmask setting. |
Remove vpn sessionAction ntdomain setting. |
Remove vpn sessionAction pcoipprofile setting. |
Remove vpn sessionAction proxy setting. |
Remove vpn sessionAction proxyexception setting. |
Remove vpn sessionAction proxylocalbypass setting. |
Remove vpn sessionAction rdpclientprofile setting. |
Remove vpn sessionAction rfc1918 setting. |
Remove vpn sessionAction securebrowse setting. |
Remove vpn sessionAction sesstimeout setting. |
Remove vpn sessionAction sfgatewayauthtype setting. |
Remove vpn sessionAction smartgroup setting. |
Remove vpn sessionAction socksproxy setting. |
Remove vpn sessionAction splitdns setting. |
Remove vpn sessionAction splittunnel setting. |
Remove vpn sessionAction spoofiip setting. |
Remove vpn sessionAction sslproxy setting. |
Remove vpn sessionAction sso setting. |
Remove vpn sessionAction ssocredential setting. |
Remove vpn sessionAction storefronturl setting. |
Remove vpn sessionAction transparentinterception setting. |
Remove vpn sessionAction useiip setting. |
Remove vpn sessionAction usemip setting. |
Remove vpn sessionAction useraccounting setting. |
Remove vpn sessionAction wihome setting. |
Remove vpn sessionAction windowsautologon setting. |
Remove vpn sessionAction windowsclienttype setting. |
Remove vpn sessionAction windowspluginupgrade setting. |
Remove vpn sessionAction winsip setting. |
Remove vpn sessionAction wiportalmode setting. |
Remove vpn sessionPolicy action setting. |
Remove vpn sessionPolicy rule setting. |
Remove vpn trafficAction kcdaccount setting. |
Remove vpn trafficAction passwdexpression setting. |
Remove vpn trafficAction proxy setting. |
Remove vpn trafficAction userexpression setting. |
Remove vpn trafficAction wanscaler setting. |
Remove vpn trafficPolicy action setting. |
Remove vpn trafficPolicy rule setting. |
Remove vpn url appjson setting. |
Remove vpn url applicationtype setting. |
Remove vpn url clientlessaccess setting. |
Remove vpn url comment setting. |
Remove vpn url iconurl setting. |
Remove vpn url samlssoprofile setting. |
Remove vpn url ssotype setting. |
Remove vpn url vserver setting. |
Remove vpn urlAction applicationtype setting. |
Remove vpn urlAction clientlessaccess setting. |
Remove vpn urlAction comment setting. |
Remove vpn urlAction iconurl setting. |
Remove vpn urlAction samlssoprofile setting. |
Remove vpn urlAction ssotype setting. |
Remove vpn urlAction vserver setting. |
Remove vpn urlPolicy comment setting. |
Remove vpn urlPolicy logaction setting. |
Remove vpn vserver accessrestrictedpageredirect setting. |
Remove vpn vserver advancedepa setting. |
Remove vpn vserver appflowlog setting. |
Remove vpn vserver authentication setting. |
Remove vpn vserver authnprofile setting. |
Remove vpn vserver certkeynames setting. |
Remove vpn vserver cginfrahomepageredirect setting. |
Remove vpn vserver comment setting. |
Remove vpn vserver devicecert setting. |
Remove vpn vserver deviceposture setting. |
Remove vpn vserver doublehop setting. |
Remove vpn vserver downstateflush setting. |
Remove vpn vserver dtls setting. |
Remove vpn vserver httpprofile setting. |
Remove vpn vserver icaonly setting. |
Remove vpn vserver icaproxysessionmigration setting. |
Remove vpn vserver icmpvsrresponse setting. |
Remove vpn vserver ipset setting. |
Remove vpn vserver l2conn setting. |
Remove vpn vserver linuxepapluginupgrade setting. |
Remove vpn vserver listenpolicy setting. |
Remove vpn vserver listenpriority setting. |
Remove vpn vserver loginonce setting. |
Remove vpn vserver logoutonsmartcardremoval setting. |
Remove vpn vserver macepapluginupgrade setting. |
Remove vpn vserver maxaaausers setting. |
Remove vpn vserver maxloginattempts setting. |
Remove vpn vserver netprofile setting. |
Remove vpn vserver pcoipvserverprofile setting. |
Remove vpn vserver quicprofile setting. |
Remove vpn vserver rdpserverprofile setting. |
Remove vpn vserver rhistate setting. |
Remove vpn vserver samesite setting. |
Remove vpn vserver secureprivateaccess setting. |
Remove vpn vserver tcpprofile setting. |
Remove vpn vserver userdomains setting. |
Remove vpn vserver vserverfqdn setting. |
Remove vpn vserver windowsepapluginupgrade setting. |