Netscaler
Enable Access Gateway features
Access Gateway - Policies - Authentication - Servers (tab)
Add the domain controller
Access Gateway - Policies - Authentication - Policies (tab)
Add a new policy
Select the Server created earlier and add ns_true as expression
Access Gateway - Policies - Session - Profiles (tab)
Add a new profile
Change the Web Interface Address to your local web interface server path
Change the Single Sign-On Domain to your Active Directory domain
Access Gateway - Policies - Session - Policies (tab)
Add a new Policy
Add the ns_true expression
Change the Request Profile to the profile created earlier
Access Gateway - Virtual Servers
Add a new virtual server
Give an IP address
Select the SSL certificate (click here how to add SSL certificate to NetScaler)
Insert the policy created earlier
Add the URL to the STA
Citrix Web Interface
Create a new XenApp Web Sites
Authentication Point: At Access Gateway
Available Method: Explicit
Authentication Method:
Add the URL (https) that is publicly available for the user
Secure Access: Gateway Direct
Enter the publicly available URL to the address
Add the STA URL exactly the same with the STA servers you added to the Netscaler
