Friday, May 18, 2012

How to Configure Access to Citrix Receiver StoreFront 1.0 through Access Gateway Enterprise Edition

This article is a summary of how to configure Access Gateway Enterprise Edition to support simultaneous remote access using all versions of Receiver, by all relevant access methods. This can be done with a single virtual server.

Network Architecture

The network architecture for this configuration is meant to be representative of many environments, from basic to advanced configurations.

A XenApp farm hosts applications and a XenDesktop farm provides desktops. (XenDesktop can be accessed, although some of the pooled assignment models and functionality such as desktop restart do not work with Storefront Services.)

A Storefront server sits in front of XenApp and XenDesktop, and is joined to the same Active Directory forest. LAN-based client machines using native Receiver can access Storefront directly or connect through a browser to the Receiver for Web URL. A Program Neighborhood Agent Protocol interface is also available in Storefront, to support Mac OS X, iOS, and other similar Receivers.

Access Gateway Enterprise Edition is deployed in the DMZ, and Storefront Services is configured to accept connections from the Access Gateway Enterprise Edition.

Component Versions

The configuration documented here has been confirmed to work with the following Access Gateways:

  • VPX NetScaler 9.3-50.3.nc
  • VPX NetScaler 9.3-52.3.nc
  • VPX NetScaler 9.3-53.5.nc

The configuration documented here has been confirmed to work with the following clients:

  • Windows Receiver 3.1
    Windows 7 Enterprise 16-bit and 64-bit
    Windows 7 Home 16-bit and 64-bit
  • Mac Receiver 11.4.3
    OS X Lion
  • Receiver 5.0.1
    iPhone iOS 5.0.1
    iPad iOS 5.0.1

Basic Storefront Services VPN-less Configuration – LDAP Authentication

In this scenario, a remote user can connect in one of three ways: to Receiver for Web through an Access Gateway URL in a browser; to the Storefront Server with Citrix Receiver for Windows using the native service protocols; or to the Storefront Server with Citrix Receiver for other platforms using the legacy Program Neighborhood Agent protocol. In all three cases, the user does not need to establish a Virtual Private Network (VPN) connection; connections are made in VPN-less (clientless) mode.

VPN-less access to Receiver for Web

A remote user launches a browser and enters the Access Gateway Enterprise Edition URL, https://agee.tek.com. After successfully authenticating with domain credentials, the user can access the Receiver for Web portal at https://ds.tek.com/Citrix/StoreWeb. The user can now launch auto-provisioned applications or subscribe to published applications or desktops.


Citrix releases a maintenance release for Access Gateway 5.0.4

This maintenance release updates Access Gateway 5.0. Please note that this maintenance release is applicable to the Model 2010 appliance and Access Gateway VPX that supports Access Gateway 5.0.


How to Configure Citrix Receiver for Android to work with Access Gateway VPX

I have been seeing a lot of support forums and problems around running the 2 latest versions of Citrix Receiver for Android together with Access Gateway 5.x VPX.
Now, after trying and trying to get it to work, I finally found a solution to the issue. It's more of a certificate issue than something else!

So, make sure that you have imported the certificate on the Android device. I downloaded the Astro file manager on the Android device, because it can also extract a zip directory. The reason for this is that I had a certificate zip file, and Outlook doesn't want to send .crt files... or just rename the license file... my zip file also included 5 other certificates.

Once you have installed them on the Android device, we are good to go to the management console of the Access Gateway 5.0.3 VPX.

Please note that I will not go through the certification process!

Log in with your admin account!

Now go to your Certificates.

Now, I had a lot of problems getting this to work, and it turns out that some certificates actually need to be chained on the CAG to work on the Android platform!
So, I finally found a solution to my Android issue. Depending on the certificate you are using (in my case, one from Comodo) you need to install a "cross root CA" cert and chain/bind it as the CA to your site certificate. Now, this was not the case for either Linux, Windows, Mac or iPad/iPhone, but it seems that Android is different when it comes to accepting certificates. I actually saw some blog posts about hacking the root CA part of it to get other solutions working...

So, that's it folks, this is what you need to do. That said, if you choose to use VeriSign certs, you will not get any errors browsing the website from any Android device. That's because the Android OS has a limited built-in "trust" list of CAs to trust.
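The chaining requirement described in the post above can be reproduced offline. The following is an added example, not part of the original post: it builds a constructed root, intermediate and site certificate with the openssl CLI, then checks the site certificate the way a client that trusts only the root would, first without and then with the intermediate supplied. All file names, subject names and function names are hypothetical.

```shell
#!/bin/sh
# Added example: constructed PKI (root -> intermediate -> site certificate).
# Every name and file here is made up for the demo; needs the openssl CLI.

build_demo_pki() {   # $1 = empty working directory
  ( cd "$1" || exit 1
    cat > pki.cnf <<'EOF'
[req]
distinguished_name = req
[ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[leaf]
basicConstraints = CA:FALSE
EOF
    # Self-signed root: the only certificate in the client's trust list.
    openssl req -x509 -config pki.cnf -extensions ca -newkey rsa:2048 -nodes \
      -subj "/CN=Constructed Root CA" -keyout root.key -out root.pem -days 2
    # Intermediate CA, signed by the root (the certificate that must be chained).
    openssl req -new -config pki.cnf -newkey rsa:2048 -nodes \
      -subj "/CN=Constructed Intermediate CA" -keyout int.key -out int.csr
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial \
      -extfile pki.cnf -extensions ca -days 2 -out int.pem
    # Site certificate for the gateway, signed by the intermediate.
    openssl req -new -config pki.cnf -newkey rsa:2048 -nodes \
      -subj "/CN=gateway.example.test" -keyout leaf.key -out leaf.csr
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial \
      -extfile pki.cnf -extensions leaf -days 2 -out leaf.pem
  ) >/dev/null 2>&1
}

# Prints "complete" if the certificate chains to the trusted root using only
# what the server supplies, otherwise "incomplete".
chain_status() {   # $1 = trusted root PEM, $2 = cert PEM, $3 = chain PEM (optional)
  if openssl verify -CAfile "$1" ${3:+-untrusted "$3"} "$2" >/dev/null 2>&1
  then echo complete; else echo incomplete; fi
}

demo=$(mktemp -d)
build_demo_pki "$demo"
echo "site cert only:           $(chain_status "$demo/root.pem" "$demo/leaf.pem")"
echo "site cert + intermediate: $(chain_status "$demo/root.pem" "$demo/leaf.pem" "$demo/int.pem")"
```

To run the same check against real files, pass the CA root, the site certificate and the intermediate bundle you intend to bind on the gateway to `chain_status`.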

Citrix Access Gateway VPX 5.0.3

Access Gateway and Access Gateway VPX 5.0.3 have some new features compared with older versions; here is a quick overview of them.

  • Multi-Stream ICA Support - The multi-stream ICA feature allows you to partition multiple ICA streams in the same session. With multi-stream ICA, you can partition a single TCP connection into multiple streams based on different types of traffic that are typical for session reliability.
  • Basic Logon Point Session Time-outs in Access Controller - If you configure a basic logon point in Access Controller, you can now configure session time-outs as part of the logon point settings.

New Features available in Access Gateway version 5.0 include:

  • Access Gateway VPX for VMWare ESX/ESXi — Access Gateway VPX running on VMware ESX and ESXi hypervisors allows organizations to leverage their existing server virtualization investments and provides additional deployment flexibility.
  • Simple and Intuitive Administration — Access Gateway 5.0 uses a new Flash-based administration tool for the appliance that makes it easy to install certificates, configure access control and monitor activity from any Flash-enabled web browser.
  • Basic High Availability support for Model 2010 and VPX appliances — Two Access Gateway appliances can be configured as a failover pair. The appliances operate in active/passive mode, with the primary appliance servicing all user connections and the secondary appliance monitoring the primary and synchronizing session information. If the primary appliance fails, the secondary appliance takes over.
  • Variable Logon Points — Each Access Gateway appliance can host multiple logon points for support of different features or different user communities. Basic logon points enable unlimited logins for secure access to Citrix XenApp and XenDesktop only and are enabled by the free Access Gateway platform license; SmartAccess logon points enable rich access control features such as network-layer VPN, endpoint analysis, clientless access to web sites and file shares, and adaptive access control.
  • Endpoint Remediation — When users fail to access the system because of a failed endpoint analysis scan, you can provide a customized HTML message informing them of why they failed and what steps to take for remediation.
  • Improved architecture — Significant updates have been made to the appliance firmware and Access Controller web services in this release to improve the overall performance, stability and feature set of Access Gateway.

Important Licensing Changes

Platform License Required
Each appliance running Access Gateway 5.0 requires a platform license in order to function. Without the platform license installed, the gateway will not allow logins after a 48-hour grace period. Platform licenses are delivered electronically when an appliance is ordered. If you have an existing Access Gateway Model 2010 appliance covered by Warranty, you can obtain your Access Gateway Platform License using the Upgrade My Products toolbox on MyCitrix.

User Licenses Optional
The required Access Gateway platform license enables unlimited logins through Basic logon points. Each concurrent login to a SmartAccess logon point requires an Access Gateway user license. Access Gateway Standard Edition or Access Gateway Universal licenses may be used for this purpose.

Subscription Advantage Eligibility Date
To use your existing Access Gateway licenses with this version, the Subscription Advantage on those licenses must be valid on or after September 1, 2010.

Supported Platforms

Access Gateway 5.0 is supported only on the following appliance platforms:

  • Access Gateway Model 2010
  • Access Gateway VPX

Citrix releases Access Gateway VPX 5.0.2

Access Gateway VPX 5.0 is a virtual appliance for Citrix XenServer or VMWare ESX/ESXi that provides secure access to virtual desktops, applications and data while allowing users to work from anywhere. It offers the same capabilities as an Access Gateway physical appliance (Model 2010) while giving greater flexibility and more deployment options to IT administrators. Access Gateway VPX is the best choice for organizations who need to rapidly provision secure access, reduce infrastructure requirements, and minimize power consumption.

New Features Supported in This Maintenance Release

Access Gateway Imaging Tool

The Access Gateway imaging tool now exists as a .zip file containing all files necessary for reimaging the appliance. You download the .zip file, extract the files, and run the tool. The tool indicates the location of the USB drive. By using the .zip file, you no longer need to select an ISO file.

Certificate Length

If you attempt to import an intermediate certificate to Access Gateway where the Subject field is longer than 128 characters, you receive the error message "Value too long for type character varying (128)."

Secure Ticket Authority

You can now configure up to 25 servers running the Secure Ticket Authority (STA).

Static Routing

You can now add up to 256 static routes on the Access Gateway appliance.

Upgrading Access Controller

You can now upgrade Access Controller from Version 5.0 or Version 5.0.1 to Version 5.0.2 without removing the previous version.

XenApp Services Site

You can configure Access Gateway to use a XenApp Services site, giving users access to virtual applications from their computer desktop or mobile device when they authenticate through the Web Interface.
