Forum Discussion

JRahm's avatar
JRahm
Icon for Admin rankAdmin
Aug 07, 2014

APM VDI support for other thin clients?

(posting on behalf of client)

 

Hi all,

 

I know that as of 11.4, Wyse Xenith clients are supported. I am wondering if anyone has had success configuring another Wyse thin client (the device is a D10D, which runs Wyse Thin OS) to go through APM and access a virtual desktop in Citrix? We've used the newest Citrix VDI 1.1.0 iApp and so far it's working on Windows clients (browser and through Receiver) but not through the Wyse device. Management would like to see this device work so I figured I'd see if anyone has done something like this, and if so would you mind sharing a sanitized version of the wtos.ini file you used? Also, any insight on config that has to happen on APM or on Citrix.

 

We've tried enabling CAG authentication within wtos.ini, and that got us a little bit further but it's still not getting past a logon. The last thing we tried was updating the Wyse client firmware, no luck.

 

I opened a case, but I figured I would ask to see if anyone's already got this working somewhere. Thanks in advance!

 

APM
citrix
security
virtualization

1 Reply

Sort By
  • BriannonotthatB's avatar
    BriannonotthatB
    Icon for Nimbostratus rankNimbostratus
    Aug 21, 2014

    I found out that the solution to the above question is actually included in the VDI 1.1.0 iApp deployment guide. On page 31/55 the section with "Users with certain mobile clients (iOS/Android) are having authentication issues after deploying the iApp and selecting to use BIG-IP APM with Web Interface or StoreFront servers" contains the fix. In short, remove the Storefront URI Redirect from the Access Policy, then add an iRule as follows to the virtual server:

    when ACCESS_ACL_ALLOWED {
    set type [ACCESS::session data get session.client.type]
    if { !($type starts_with "citrix") } {
        if { [HTTP::uri] == "/" } {
        log local0. "Redirecting to Web..."
        ACCESS::respond 302 Location "https://[HTTP::host]/Citrix/web/"
        }
    }
}

    This is confirmed to work in Wyse thin clients as well as Android/iOS Receiver clients as mentioned in the guide. The wnos.ini file on the Wyse clients needs to contain a line similar to this as well:

    PnliteServer=https://apmserver.domainname.com CAGAuthMethod=LDAP