NetScaler - Logging Audit Messages

I was asked today if there was a way to get alerts from the NetScaler about a policy being hit for one of our external facing websites from an external source. I started to look into doing this but have decided that it would be quite the effort, at least for my first time. I did a bit of research and came up with a few sources which may help put the whole alerting system together. If I get a chance to configure this I will update this with how I completed it.

This solution requires:

• NetScaler
• Auditing
• Auditing Message Actions
• VServers
• Responder/Rewrite policies
• Citrix Command Center
• Alarm Trigger

Resources for creating custom logging:
Quick template of how to setup message actions from Citrix.com.
http://support.citrix.com/proddocs/topic/ns-system-10-1-map/ns-ag-al-confrng-policy-based-logging-tsk.html.

This shows how to log an HTTP header using policy-based logging.
http://support.citrix.com/article/CTX125466

This shows how to setup the message action and how to bind that policy to a responder policy.
http://blogs.citrix.com/2011/08/25/log-what-and-when-you-want-%E2%80%93-all-the-way-from-layer-2-to-layer-7/

This shows how to configure email alerts on Citrix Command Center
http://support.citrix.com/article/CTX133137

NetScaler - Use Source IP

The NetScaler can be a wonderful tool with all of its capabilities, but sometimes that can be a double-edged sword. The ever changing demands that IT personnel go through each day can be exciting and rewarding but sometimes leads to confusion. Today was a perfect example of this for me.

I have been attempting to get a SharePoint site externally available. I am doing this using the NetScaler and its SSL features. I have added the Server, Service, and Server in to the Load Balancing feature. After checking to make sure my responder policies/action were correct, I attempted to test the setup using my host file. I got the forever annoying, "Internet Explorer cannot display the webpage" message.

This is when I remembered the "Use Source IP" check box of the Load Balancing Service. This check box has singled markedly cause me hours of frustration and confusion. It forces the client's response to come from the Client's IP address rather than responding back to the NetScaler. I unchecked this and the Client no longer goes directly to the server when it responds, which fixed my problem.

tl;dr
Uncheck the "Use Source IP" check box which can be found in the Service configuration screen.

Uncheck "Use Source IP"

More info from Citrix below:
http://support.citrix.com/proddocs/topic/ns-system-10-1-map/ns-nw-ipaddrssng-enabling-use-src-ip-mode-tsk.html

Citrix(NetScaler) Command Center

I have had my first foray into the Citrix Command Center 5.1 and let me tell you, it has been pretty positive. NetScalers are a multi-faceted tool so management of this device is not always easy if only using the given interface. Command Center expands upon the toolset offered by the NetScaler by giving you a set of tools to monitor the NetScalers. This includes all forms of alerting and logging! I have not dug much into the Command Center yet, but I fully intend to soon and will definitely post my findings (good and bad).

Error Text 10551 BPA Server

Recently I had been working on a workflow that inputs records into a SQL database through stored procedures. We tried to implement this functionality into our Production environment but we had been having some issues. We get an error, "Error Text: (10551) Expecting a constant, var name or function name." (Shown below, Fig. 1) whenever we ran the workflow. That error and an accompanying one, which is completely blank, is all the information that we had to go by.

After some deliberation and LOTS of test emails, we determined that an evaluation was causing the problem. We looked into the evaluation to see that the shared variable that we were looking at was named incorrectly. Once we changed it to the correct name, all went well.

Fig. 1