Home
/
Citrix
/
NetScaler SDX 11500
/
Manual

Citrix NetScaler SDX 11500, Manual

Share

Page: 186 / 253

Citrix NetScaler SDX 11500 Manual Download Page 186

© 1999-2017 Citrix Systems, Inc. All rights reserved.

p.186

https://docs.citrix.com

Consolidation When the Management Service and the
NetScaler Instances are in Different Networks

Apr 12, 2013

In certain cases, the appliance administrator might allow other administrators to perform administration tasks on individual
instances. This can be safely done by giving an individual instance administrator login rights to just that instance. But, for
security reasons, the appliance administrator might not want to allow the instance to be on the same network as the
Management Service. This is a very common scenario in service provider environments, and it is becoming increasingly
common in enterprises as they adopt virtualization and cloud architectures.
In the following example, the Management Service is in the 10.1.1.x network and the NetScaler instances are in the 10.1.2.x
network. Interfaces 0/1 and 0/2 are the management interfaces, 1/1 to 1/8 are 1G data interfaces, and 10/1 to 10/4 are
10G data interfaces. Each instance has its own dedicated administrator and its own dedicated physical interface.
Therefore, the number of instances is limited to the number of physical interfaces available on the appliance. VLAN ﬁltering
is not required, because each instance has its own dedicated interface. Optionally, disable VLAN ﬁltering to conﬁgure up to
4096 VLANs per instance per interface. In this example, you do not need to conﬁgure an NSVLAN, because instances are
not sharing a physical interface and there are no tagged VLANs. For more information about NSVLANs, see

NetScaler Instance

The following ﬁgure illustrates the above use case.

Figure 1. Network topology of an SDX appliance with Management Service and NetScaler NSIPs for Instances in different
networks

As the appliance administrator, you have the option to keep the trafﬁc between the Management Service and the NSIP
addresses on the SDX appliance, or to force the trafﬁc off the device if, for example, you want trafﬁc to go through an
external ﬁrewall or some other security intermediary and then return to the appliance.

The following table lists the names and values of the parameters used for provisioning NetScaler Instance 1 in this example.

Parameter Name

Values for Instance 1

Name

vpx1

IP Address

10.1.2.2

«
...
184
185
186
187
188
...
»

Summary of Contents for NetScaler SDX 11500

Page 1: ...itial Configuration Lights Out Management Port of the NetScaler SDX Appliance Upgrading the Components of a NetScaler SDX Appliance Upgrading the Management Service Upgrading the XenServer Software Up...

Page 2: ...of NetScaler Instances Con guring and Managing NetScaler Instances Configuring Authentication and Authorization Settings Configuring the External Authentication Server Configuring Link Aggregation fr...

Page 3: ...040 14060 14080 14100 Appliance to a NetScaler SDX 14020 14030 14040 14060 14080 14100 Appliance Converting a NetScaler MPX 24100 and 24150 Appliance to a NetScaler SDX 24100 and 24150 Appliance Third...

Page 4: ...e notes describe the enhancements changes bug xes and known issues for a particular release or build of Citrix NetScaler software The NetScaler SDX release notes are covered as a part of NetScaler rel...

Page 5: ...al con guration you can connect a computer to the appliance s network or to its serial console port After initial con guration you can con gure the Lights Out Management port so that you have manageme...

Page 6: ...upplement packs should be upgraded based on a feature s requirement else they should be kept as those shipped from the factory Refer table 2 to understand the feature component compatibility informati...

Page 7: ...ld 50 10 and later Supported 1 Release 10 0 build 74 4 and later 2 Release 10 1 build 118 7 and later 3 Release 10 5 build 50 10 and later SDX 22040 22060 22080 22100 Supported 1 Release 10 1 build 12...

Page 8: ...er Supplemental Pack versions Table 2 NetScaler SDX Features and Components Compatibility SDX Feature Management Service Version NetScaler Version XenServer Version SDX Supplemental Pack Version LACP...

Page 9: ...10 and later Not Supported 1 Release 9 3 Version 6 1 and later 100006 and higher NetScaler Cluster on SDX Supported 1 Release 10 1 build 118 7 and later 2 Release 10 5 build 50 10 and later Not Suppor...

Page 10: ...initial configuration For information about changing the nsroot password see Changing the Password of the Default User Account 3 Click Show Options and then do the following 1 In the Start in list sel...

Page 11: ...our hardware serial number HSN or your license activation code LAC to allocate your licenses Alternatively if a license is already present on your local computer you can upload it to the appliance Sel...

Page 12: ...from that gadget You are not prompted for your user credentials Managing the Home Page The Management Service Home page provides you with a high level view of the performance of the SDX appliance and...

Page 13: ...allowed characters are a z A Z 0 9 and _ Click Go without typing any characters in the search box to display all the gadgets that are available After the gadget is displayed click Add to dashboard Cu...

Page 14: ...ial con guration you can connect a computer to the appliance s network or to its serial console port After initial con guration you can con gure the Lights Out Management port so that you have managem...

Page 15: ...ou have purchased an SDX 11515 license the LCD screen displays CITRIX NSSDX 11500 and the Management Service screen displays NetScaler SDX 11515 The LCD backlight on the NetScaler SDX 22040 22060 2208...

Page 16: ...nk Solid green Link is established but no traffic is passing through the port Blinking green Traffic is passing through the port 1G SFP 1 Gbps Left Link Activity Off No link Solid green Link is establ...

Page 17: ...h the port Port Type LED Location LED Function LED Color LED Indicates On each power supply a bicolor LED indicator shows the condition of the power supply Table 2 LED Power Supply Indicators Power Su...

Page 18: ...s per second Mbps Most platforms have at least one 10 100BASE T port 10 100 1000BASE T port The 10 100 1000BASE T port has a maximum transmission speed of 1 gigabit per second ten times faster than th...

Page 19: ...m 4 Pack n a Category 5 Cat 5 Copper Cable 100 m SDX 8015 8400 8600 SDX 22040 22060 22080 22100 22120 SDX 24100 24150 Table 4 Short Reach Fiber 1G SFP Distance Specifications SKU Description Transmitt...

Page 20: ...0 13500 14500 16500 18500 20500 SDX 11515 11520 11530 11540 11542 SDX 17500 19500 21500 SDX 22040 22060 22080 22100 22120 SDX 24100 24150 50 125um MMF 500MHz km OM2 550 m 50 125um MMF 400MHz km 550 m...

Page 21: ...edia The following table lists the maximum distance speci cations for 10G transceivers Table 8 Short Reach Fiber 10G SFP Distance Specifications SKU Description Transmitter Wavelength nm Fiber Type Ty...

Page 22: ...711 EW3B0000711 EW3C0000711 EW3D0000711 EW3E0000711 EW3F0000711 EW3P0000558 EW3X0000711 EW3Z0000586 Citrix NetScaler 10G SFP Ethernet Long Range 10km Single 1310nm nominal 9 125um SMF 10 km SDX 8015 8...

Page 23: ...e condition of the power supply Electrical Safety Precautions for Power Supply Replacement Make sure that the appliance has a direct physical connection to earth ground during normal use When installi...

Page 24: ...ower supplies Replacing a DC Power Supply Citrix NetScaler SDX platforms can accommodate two power supplies except the SDX 22040 22060 22080 22100 22120 and SDX 24100 24150 platforms which can accommo...

Page 25: ...on the back panel of the appliance The disable alarm button is functional only when the appliance has two power supplies Solid State Drive A solid state drive SSD is a high performance device that st...

Page 26: ...To provision more instances on the appliance you must purchase and install additional SSDs To add additional SSDs on SDX 22040 22060 22080 22100 22120 and SDX 24100 24150 appliances Put the rst new S...

Page 27: ...he top if the drive is inserted horizontally or at the right if the drive is inserted vertically Figure 8 Inserting the Replacement Solid State Drive 5 Turn on the appliance 6 Log on to the default IP...

Page 28: ...the rear of the appliance so that the hard drive locks securely into the slot Important When you insert the drive make sure that the Citrix product label is at the top Figure 10 Inserting the Replace...

Page 29: ...all or remove a direct attach cable 1 To install the DAC slide it into the 10G port on the appliance as shown in the following figure You will hear a click when the DAC properly fits into the port Fig...

Page 30: ...manage multiple virtual instances of NetScaler The Citrix NetScaler SDX product line consists of Citrix Netscaler SDX 8015 8400 8600 Citrix Netscaler SDX 11500 13500 14500 16500 18500 20500 Citrix Ne...

Page 31: ...rnet ports 6x1G SFP appliance Figure 1 Citrix NetScaler SDX 8015 8400 8600 6x10 100 1000Base T copper Ethernet ports 6x1G SFP front panel The following gure shows the front panel of the SDX 8015 8400...

Page 32: ...f the SDX 8015 8400 8600 appliance 256 GB removable solid state drive which is used to store the NetScaler software and the user data Power switch which turns off power to the appliance just as if you...

Page 33: ...RJ45 also called LOM port You can use this port to remotely monitor and manage the appliance independently of the NetScaler software Note The LEDs on the LOM port are not operational by design RS232...

Page 34: ...upt NMI Button that is used at the request of Technical Support and produces a core dump on the NetScaler You must use a pen pencil or other pointed object to press this red button which is recessed t...

Page 35: ...SDX 11515 11520 11530 11540 11542 appliances have the following ports RS232 serial console port 10 100Base T copper Ethernet Port RJ45 also called LOM port You can use this port to remotely monitor a...

Page 36: ...NMI Button that is used at the request of Technical Support and produces a core dump on the NetScaler You must use a pen pencil or other pointed object to press this red button which is recessed to p...

Page 37: ...GE SFP ports numbered 10 1 10 2 10 3 and 10 4 on the top row from left to right and 10 5 10 6 10 7 and 10 8 on the bottom row from left to right The following gure shows the back panel of the SDX 1750...

Page 38: ...ton is functional only when the appliance has two power supplies Press this button to stop the power alarm from sounding when you have plugged the appliance into only one power outlet or when one powe...

Page 39: ...n RS232 serial console port Two 10 100 1000Base T copper Ethernet management ports RJ45 numbered 0 1 and 0 2 from left to right These ports are used to connect directly to the appliance for system adm...

Page 40: ...ble hard disk drives that store user data Disable alarm button This button is functional only when the appliance has two power supplies Press this button to stop the power alarm from sounding when you...

Page 41: ...22060 22080 22100 22120 12x1G SFP 24x10G SFP appliance Figure 1 Citrix NetScaler SDX 22040 22060 22080 22100 22120 12x1G SFP 24x10G SFP front panel The following gure shows the front panel of the SDX...

Page 42: ...available remotely over the network in the LOM GUI in the Remote Control menu System status LED which indicates the status of the appliance as described in http support citrix com proddocs topic nets...

Page 43: ...X 24100 24150 12x1G SFP 24x10G SFP front panel Depending on the model the appliance has the following ports RS232 serial Console Port 10 100Base T copper Ethernet Port RJ45 also called the LOM port Yo...

Page 44: ...00 24150 appliance running LOM firmware version 3 22 the system status LED indicates an error continuously glows RED even though the appliance is functioning properly Four power supplies each rated at...

Page 45: ...SDX 14020 14030 14040 14060 14080 14100 appliances have the following ports RS232 serial Console Port 10 100Base T copper Ethernet Port RJ45 also called the LOM port You can use this port to remotely...

Page 46: ...the power Two power supplies each rated at 1000 watts 100 240 volts Each power supply has an LED that indicates the status of the power supply as described in http docs citrix com en us sdx 11 hardwa...

Page 47: ...eading 2 six core Memory 32 GB 48 GB 48 GB Ports 1G 6x1G SFP 6x10 100 1000Base T copper Ethernet model 6xcopper ber 1G SFP ports 6x10 100 1000Base T copper Ethernet ports 2x10G SFP 6x10 100 1000Base T...

Page 48: ...h racks EIA 310 D for 19 inch racks EIA 310 D for 19 inch racks Depth 24 01 in or 61 cm 28 in or 71 68 cm 28 in or 71 68 cm Operating Temperature degree Celsius 0 40 C 32 104 F 0 40 0 40 C 32 104 F Hu...

Page 49: ...6 GB 256 GB 256 GB Ports 1G NA NA 12x1G SFP 24x10G SFP model 12xcopper ber 1G SFP ports 12x1G SFP 24x10G SFP model 12xcopper ber 1G SFP ports Ports 10G 8x10G SFP ports 8x10G SFP ports 12x1G SFP 24x10G...

Page 50: ...5 lbs 38 56 kg 85 lbs 38 56 kg Height 2U 2U 2U 2U Width EIA 310 D for 19 inch racks EIA 310 D for 19 inch racks EIA 310 D for 19 inch racks EIA 310 D for 19 inch racks Depth 24 75 in or 62 865 cm 24 7...

Page 51: ...DX 24150 Table 3 SDX Platform Summary contd Speci cations SDX 14020 14030 14040 14060 14080 14100 Regulatory model number Citrix 2U1P1B Processors 2 six core Memory 64 GB Number of power supplies 2 AC...

Page 52: ...rating temperature 0 40 C 32 104 F Humidity range non condensing 20 80 Safety certi cations CSA EMC susceptibility USA FCC Europe CE Japan VCCI Australia RCM China CCC Korea KCC India BIS Mexico NOM S...

Page 53: ...15 11520 11530 11540 11542 and SDX 17500 19500 21500 and SDX 17550 19550 20550 21550 appliances Four power cables for the SDX 22040 22060 22080 22100 22120 and SDX 24100 24150 appliances Note Make sur...

Page 54: ...r and network connections Power connections At minimum two standard power outlets per unit Network connections At minimum four Ethernet connections per rack unit Space requirements One empty rack unit...

Page 55: ...r consumption rating with no danger of an overload Always unplug any appliance before performing repairs or upgrades Do not overload the wiring in your server cabinet or on your server room rack Durin...

Page 56: ...t the rack is stable before extending a component from the rack Extend only one component at a time Extending two or more simultaneously might cause the rack to become unstable The handles on the left...

Page 57: ...tion If you are installing the appliance as the only unit in the rack mount it at the bottom If the rack contains other units make sure that the heaviest unit is at the bottom If the rack has stabiliz...

Page 58: ...il assembly on a flat surface 2 Slide out the inner rail toward the front of the assembly 3 Depress the latch until the inner rail comes all the way out of the rail assembly 4 Repeat steps 1 through 3...

Page 59: ...following figures Use a screw to lock the rear rail flange into the rack With the screw securing the rail in place you can optionally remove the latching spring Figure 4 Installing the Rail Assembly...

Page 60: ...peed and mode are matched on both ends of the cable Caution NetScaler appliances do not support 1G SFP transceivers from vendors other than Citrix Systems Attempting to install third party 1G SFP tran...

Page 61: ...and Removing 10G SFP Transceivers Note This section applies to the SDX 8015 8400 8600 SDX 11500 13500 14500 16500 18500 20500 SDX 11515 11520 11530 11540 11542 SDX 14020 14030 14040 14060 14080 14100...

Page 62: ...it away 5 Put the 10G SFP transceiver into its original box or another appropriate container Connecting the Cables When the appliance is securely mounted on the rack you are ready to connect the cable...

Page 63: ...NONE Then connect one end of the console cable to the RS232 serial port on the appliance and the other end to the computer or terminal To connect the console cable to a computer or terminal 1 Insert...

Page 64: ...f the appliance Switching on the Appliance After you have installed the appliance in a rack and connected the cables verify that the power cable is properly connected If you have installed a second po...

Page 65: ...authenticate the root user The default root password is nsroot You can change this password during initial configuration of the appliance Initial Con guration through the Management Service User Inte...

Page 66: ...sed telnet client or any supported terminal emulation program 3 Press ENTER The terminal screen displays the Logon prompt Note You might have to press ENTER two or three times depending on which termi...

Page 67: ...rights reserved p 67 https docs citrix com 2 In the Users pane click the default user account and then click Modify 3 In the Modify System User dialog box in Password and Confirm Password enter the p...

Page 68: ...Power control operations Factory reset Different Citrix appliances support different shells For XenServer based NetScaler SDX and CloudBridge appliances use the dom0 Linux root shell To access the dom...

Page 69: ...9 3_65 x 10 1_123 x 10 5 SDX 17550 19550 20550 21550 2 52 3 02 3 33 3 39 3 39 9 3_65 x 10 1_123 x 10 5 SDX 22040 22060 22080 22100 22120 2 63 3 22 3 22 9 3_65 x 10 1_123 x 10 5 SDX 24100 24150 2 63 3...

Page 70: ...network connectivity at both the old and new IP addresses you must use the local shell method to recover See the Secure Deployment Guide for best practices for managing administrative credentials and...

Page 71: ...rimarily used for monitoring the application software and the application software s utilization of hardware resources such as CPU and memory It provides a high level view of the appliance and is ther...

Page 72: ...th 2 Under Options click Sensor Readings Installing the MIB Download the IPMI SNMP management information base MIB for your LOM rmware version and import it into the SNMP monitoring software For a sam...

Page 73: ...s to the SNMP network management software These are very low traf c events and therefore should not result in any signi cant network usage To set up SNMP lters The following commands set up SNMP to al...

Page 74: ...out how to securely deploy the LOM in your network To enable encryption and learn the security measures for LOM see http support citrix com article CTX129514 If you make a mistake you must restore the...

Page 75: ...fy that you have selected the correct certificate and private key check the file names of the certificate and key which appear next to the Choose File buttons 4 Click Upload A message informs you that...

Page 76: ...set the device The reset takes approximately 60 seconds You are then redirected to the logon page 7 Log on to the LOM GUI by using your default credentials Note If the certificate or key are invalid t...

Page 77: ...1999 2017 Citrix Systems Inc All rights reserved p 77 https docs citrix com 9 Click Certificate information to display details about the certificate that you just uploaded...

Page 78: ...1999 2017 Citrix Systems Inc All rights reserved p 78 https docs citrix com Note For the best practices for LOM and NetScaler security see http support citrix com article CTX129514...

Page 79: ...lick Console Redirection 3 Click Launch Console and then click Yes 4 Type the administrator credentials 5 Type show interface management_interface_id to display the MAC address 6 Type show hardware to...

Page 80: ...rights reserved p 80 https docs citrix com 802 1q VLAN ID Disabled 802 1q VLAN Priority 0 RMCP Cipher Suites 1 2 3 6 7 8 11 12 0 Cipher Suite Priv Max aaaaXXaaaXXaaXX X Cipher Suite Unused c CALLBACK...

Page 81: ...for less than four seconds All operations on the appliance are stopped no new connections to the client or server are accepted and all existing connections are closed before the appliance shuts down T...

Page 82: ...ng a Core Dump If the appliance fails or becomes unresponsive you can remotely perform a core dump This procedure has the same effect as pressing the NMI button on the back panel of the appliance To p...

Page 83: ...u can restore the BMC to its factory default settings including deleting the SSL Certi cate and SSL key To reset the con guration to factory defaults by using the GUI 1 Navigate to Maintenance Factory...

Page 84: ...ion is needed other than selecting the port to which to connect the cable The motherboard has an Ethernet switch between the management MAC and the management port and between the LOM MAC and the LOM...

Page 85: ...ead the BIOS POST code by using the LOM GUI or the shell To interpret the BIOS Beep codes see https www ami com support doc AMI_Aptio_4 x_Status_Codes_PUB pdf To read the BIOS Post Code by using the L...

Page 86: ...arios Upgrade Steps Tips Management Service Upgrading to a later version to enable new NetScaler SDX features Downgrading to a previous version because of issues with the current version Upgrading the...

Page 87: ...tScaler download page apply them in them in the chronological order XenServer Supplemental Pack Installing a XenServer Supplemental Pack that has a speci c NetScaler SDX enhancements For example the N...

Page 88: ...https docs citrix com Upgrading the Management Service Sep 27 2013 The process of upgrading the Management Service involves uploading the build le of the target build and the documentation le to the S...

Page 89: ...ntation le 1 In the navigation pane expand Management Service and then click Software Images 2 In the Software Images pane on the Documentation Files tab click Upload 3 In the Upload Management Servic...

Page 90: ...1999 2017 Citrix Systems Inc All rights reserved p 90 https docs citrix com 5 Click OK...

Page 91: ...after the upgrade Restarting the Management Service does not affect your NetScaler VPX instances and the appliance To upgrade the Management Service 1 In the navigation pane click System 2 In the Sys...

Page 92: ...ware Oct 18 2013 You need to upgrade to XenServer version 6 1 0 to enable LACP and provisioning of third party virtual machines instances The process of upgrading the XenServer software involves uploa...

Page 93: ...Image File dialog box click Browse navigate to the folder that contains the build file and then double click the build file 4 Click Upload To create a backup by downloading a XenServer build le 1 In...

Page 94: ...ake up to 20 minutes Before upgrading the software upload the ISO image le to the appliance The current version of the software is displayed in the Upgrade XenServer dialog box To upgrade the XenServe...

Page 95: ...k Browse navigate to the folder that contains the build file and then double click the build file 4 Click Upload The hotfix appears in the details pane 5 Click Apply In the Confirm dialog box click Ye...

Page 96: ...0 Build 100006 Release 10 1 Build 112 13 or later The appliance and all the instances restart after you install the supplemental pack To upload the supplemental pack 1 In the navigation pane expand Ma...

Page 97: ...https docs citrix com Upgrading a NetScaler Instance Oct 07 2013 The process of upgrading the NetScaler instances involves uploading the build le and the documentation le of the target build to the S...

Page 98: ...ages 2 In the Software Images pane click Upload 3 In the Upload NetScaler Software Image dialog box click Browse and select the NetScaler image file that you want to upload 4 Click Upload The image fi...

Page 99: ...prise edition to the platinum edition Also note the following To prevent any loss of configuration save the configuration on each instance before you upgrade any instances You can also upgrade an indi...

Page 100: ...the details pane select the instance and then in the Actions drop down menu click Upgrade If you have configured a channel from the NetScaler instance and want to upgrade the instance from NetScaler...

Page 101: ...sword for the nsroot account Citrix recommends changing the nsroot password frequently If you lose the password you can reset the password to the default by reverting the appliance settings to factory...

Page 102: ...an also explicitly enable and disable NTP synchronization Note If you do not have a local NTP server you can find a list of public open access NTP servers at the official NTP site http www ntp org Bef...

Page 103: ...e interval between re randomization of certain cryptographic values used by the Autokey scheme as a power of 2 in seconds Default value 17 2 17 36 hours Automax Interval The interval between regenerat...

Page 104: ...del number of the hardware platform based on the installed license Maximum Instances The maximum number of instances that you can set up on the SDX appliance based on the installed license Available I...

Page 105: ...emory Usage You can view a graph of CPU and memory usage of the appliance The graph is plotted in real time and updated at regular intervals To view the CPU and memory usage of the SDX appliance on th...

Page 106: ...on the SDX appliance Password The pass phrase that was used to encrypt the private key This option can be used to load encrypted private keys Max length 32 Note Password protected private key is supp...

Page 107: ...erver When XenServer restarts it starts all hosted instances along with the Management Service To restart the appliance 1 On the Configuration tab in the navigation pane click System 2 In the System p...

Page 108: ...of the Management Service and the Xen Server The default time zone is UTC To modify the time zone on the appliance 1 On the Configuration tab in the navigation pane click System 2 In the System pane...

Page 109: ...es two physical drives in one logical drive The usable capacity of a logical drive is equivalent to the capacity of one of its physical drives Combining two 1 terabyte drives for example creates a sin...

Page 110: ...bad Physical drive is not in good condition and cannot be added as part of a logical drive Foreign State Indicates if the disk is empty Logical Drive Associated logical drive In the Physical Drives p...

Page 111: ...lot numbering in Management Service differs from the slot numbering on the physical appliance The logical drive is created and is listed under the Logical Drive tab Click the refresh icon to update th...

Page 112: ...or the Management Service and XenServer and logical drive 1 which is allocated for NetScaler instances that a user will provision Disks in slots 1 and 2 create a RAID 1 pair for logical drive 0 Simila...

Page 113: ...1 where one of the drives has failed or is of ine active degraded resyncing Applies to a degraded RAID 1 where data on both the drives is in the process of being synchronized clean degraded recovering...

Page 114: ...SDX 14020 14030 Appliance To add an additional logical drive to the SDX 14020 14030 appliance 1 On the back of the SDX appliance insert the two blank SSDs of same capacity in slot numbers 5 and 6 You...

Page 115: ...instances hosted on the storage repository associated with the failed SSDs delete the logical drive replace both the failed SSDs with new Citrix certi ed SSDs and create the logical drive again To re...

Page 116: ...e allocation If your license is already linked to your hardware the license allocation process can use the hardware serial number Otherwise you must type the license activation code LAC Note You do no...

Page 117: ...cs citrix com 5 Click Get Licenses Depending on the option that you selected one of the following dialog boxes appears The following dialog box appears if you selected Hardware Serial Number The follo...

Page 118: ...hen click Get 7 Click Apply for the license to take effect Uploading your License Updated 2014 08 24 If you downloaded your license le to your local computer by accessing the licensing portal you must...

Page 119: ...e administrator credentials 3 On the Configuration tab navigate to System Licenses 4 In the details pane click Update Licenses and then select Upload License Files 5 Click Browse Navigate to the locat...

Page 120: ...ex Type of duplex operation of the interface Possible values Full Half NONE Default NONE Flow Control Auto Negotiation Automatically negotiate flow control parameters Possible values ON OFF Default ON...

Page 121: ...ce on an SDX appliance XenServer internally assigns a MAC address to a virtual interface associated with that instance the same MAC address might be assigned to a virtual interface associated with ano...

Page 122: ...aces and select the interface for which you want to set the MAC address 2 In the Modify Interface dialog box select Add MAC Address and then set the following parameters Add MAC Address Assign a base...

Page 123: ...box type the base MAC address 3 Click Apply MAC Address All the virtual instances provisioned on the appliance are restarted 4 Click Generate and then click Close To assign a MAC address to an interf...

Page 124: ...an SNMP trap destination 1 On the configuration tab in the navigation pane expand System and then click SNMP Trap Destinations 2 In the SNMP Trap Destinations pane click Add 3 In the Add SNMP Trap Des...

Page 125: ...es from any IP address on the network If you con gure one or more SNMP managers the appliance accepts and responds only to SNMP queries from those speci c IP addresses To con gure an SNMP manager 1 On...

Page 126: ...severity level You can also con gure an SNMP alarm to log the corresponding trap messages generated whenever the condition on that alarm is met To modify a prede ned SNMP alarm 1 On the Configuration...

Page 127: ...ollowing information The IP address of the SDX appliance that generated the log message A time stamp The message type The log level Critical Error Notice Warning Informational Debug Alert or Emergency...

Page 128: ...ifications Mail 2 In the details pane click SMTP Server and then click Add 3 In the Add SMTP Server dialog box specify values for the server parameters For a description of a parameter hover the mouse...

Page 129: ...stem Notifications SMS 2 In the details pane click SMS Server and then click Add 3 In the Add SMS Server dialog box specify values for the SMS server parameters The values for these parameters are pro...

Page 130: ...ration tab in the navigation pane click NetScaler Entities Virtual Servers 2 In the right pane under Virtual Servers view the following statistics Device Name Name of the NetScaler VPX on which the vi...

Page 131: ...Configuration tab in the left pane click NetScaler Entities Virtual Servers 2 In the details pane under Virtual Servers click the name of the virtual server for which you want to display the bound se...

Page 132: ...e bound virtual servers Then from the Action menu select Bound Virtual Servers Alternatively right click the service and then click Bound Virtual Servers Viewing the Status of Service Groups You can m...

Page 133: ...ab in the navigation pane click NetScaler Entities Servers 2 In the details pane under Servers view the following statistics Device Name Specifies the name of the device on which the server is configu...

Page 134: ...he details such as severity category date source and message for the each of the events To view the events navigate to Con guration NetScaler Events All Events You can view the event history and entit...

Page 135: ...xample entityup Message Description of the event Top 10 NetScaler Instances by All Events This report is a bar chart that displays the top 10 NetScaler instances according to the number of events for...

Page 136: ...ailure Events This report is a bar chart that displays the top 10 NetScaler instances according to the number of hardware failure events for the selected time scale The hardware failure events reflect...

Page 137: ...can click on the chart to drill down and view the user based authentication failures for a particular instance Configuring Event Rules You can lter a set of events by con guring rules with speci c con...

Page 138: ...esses of the NetScaler instances for which you want to define a event rule Category Category or categories of the events generated by the NetScaler instances Failure Objects Entity instances or counte...

Page 139: ...ormation You can also suppress the events for a specific time To configure severity 1 Navigate to Configuration NetScaler Events Event Configuration select the event from the list and then click Confi...

Page 140: ...aler Call Home select the NetScaler instance and click the Enable button In the con rmation page click Yes To disable the Call Home feature navigate to Con guration NetScaler Call Home select the NetS...

Page 141: ...ight pane click Call Home on the Con gure Call Home page select the NetScaler instances from the Available Instances section specify other details and click OK Polling the NetScaler Instances To poll...

Page 142: ...ponents except the BMC firmware version current and expected values are displayed as not applicable NA Name Name of the component such as CPU memory or BMC firmware version Status State condition of t...

Page 143: ...od state and is ready for use FAIL The drive has failed and has to be replaced MISSING A drive is not detected in the drive bay UNKNOWN A new unformatted drive exists in the drive bay Name System defi...

Page 144: ...are connected and working as expected Monitoring the Interfaces on the SDX Appliance You can monitor the interfaces on the NetScaler SDX appliance and take corrective action if required In the Monito...

Page 145: ...Systems Inc All rights reserved p 145 https docs citrix com Number of errors in transmitting data since the appliance was last started Rx Errors Number of errors in receiving data since the appliance...

Page 146: ...ession Login Time The time at which the current session was created on the SDX appliance Last Activity Time The time at which user activity was last detected in the session Session Expires In Time lef...

Page 147: ...o restart the Management Service 1 On the Configuration tab in the navigation pane click System 2 In the System pane under System Administration click Reboot Management Service Removing Management Ser...

Page 148: ...ical Support pane select the technical support file that you want to download 2 From the Action list select Download The file is saved to your local computer Command Line Interface support for Managem...

Page 149: ...ervers on the Management Service The extracted group name is matched with the group names on the Management Service to determine the privileges given to the user A user can belong to multiple groups I...

Page 150: ...e Create System User or Modify System User dialog box set the following parameters Name The user name of the account The following characters are allowed in the name letters a through z and A through...

Page 151: ...k Authentication Configuration 3 Set the following parameters Server Type Type of authentication server configured for user authentication Possible values LDAP RADIUS TACACS and Local Server Name Name...

Page 152: ...authentication server To con gure an external authentication specify the authentication type and con gure an authentication server Adding a RADIUS Server Note External authentication support on a Net...

Page 153: ...hosen when the authentication succeeds in addition to extracted groups Accounting Enable Management Service to log audit information with RADIUS server 4 Click Create and then click Close Adding an LD...

Page 154: ...s Maximum number of LDAP referrals to follow Enable Change Password Allow user to modify the password if the password expires You can change the password only when the Security Type configured is TLS...

Page 155: ...eters Name Name of the TACAS server IP Address IP address of the TACACS server Port Port on which the TACACS Server is running Default value 49 Time out Maximum number of seconds the system will wait...

Page 156: ...efault VLAN but you can bind the channel to VLAN 2 Note An interface must be part of only one channel A minimum of two interfaces are required to configure a channel The interfaces that form part of a...

Page 157: ...d threshold Bandwidth High Applies only to a static channel and LACP High threshold value for the bandwidth usage of the LA channel in Mbps The appliance generates an SNMP trap message when the bandwi...

Page 158: ...ing an image that is different from the one that you require In this case after restoring you must log on to the NetScaler instance and upgrade the software Important You must manually back up other f...

Page 159: ...Scaler image and documentation files Deletes all XVA images except the last image file that was accessed on the appliance Restores default interface settings Restores the default configuration of the...

Page 160: ...g on to the NetScaler instances through the CLI or the con guration utility The default admin pro le for an instance speci es a user name of nsroot and the password is also nsroot This pro le cannot b...

Page 161: ...Configuration and then click XVA Files 2 In the NetScaler XVA Files pane click Upload 3 In the Upload NetScaler Instance XVA dialog box click Browse and select the XVA image file that you want to upl...

Page 162: ...instance and later to communicate with the instance to retrieve configuration data The user credentials used in this profile are also used while logging on to the NetScaler instance by using the GUI o...

Page 163: ...necessarily correspond to the physical interface numbering on the SDX appliance For example if the first interface that you associate with instance 1 is SDX interface 1 4 it appears as interface 1 1 w...

Page 164: ...pane expand NetScaler Configuration and then click Instances 2 In the NetScaler Instances pane click Add 3 In the Provision NetScaler Wizard follow the instructions on the screen 4 Click Create and th...

Page 165: ...on different NetScaler instances do not overlap To specify the permitted VLAN IDs 1 In the Provision NetScaler Wizard or the Modify NetScaler Wizard on the Network Settings page in the Allowed VLANs t...

Page 166: ...form a cluster of hardware and virtual appliances nor a cluster of VPX NetScaler instances and SDX NetScaler instances The NetScaler instances must be of the same version which must be version 10 1 or...

Page 167: ...sters each of which has at least one NetScaler instance of the SDX appliance use the Rediscover option To add a NetScaler instance that exists on one SDX appliance to a cluster con gured on another SD...

Page 168: ...used when a SNIP is not available or use SNIP USNIP mode is disabled You can create or delete a MIP during runtime without restarting the NetScaler instance To add a MIP or SNIP on a NetScaler instan...

Page 169: ...NetScaler instance on which you want to perform the operation and then click Start or Shut Down or Delete or Reboot 3 In the Confirm message box click Yes Removing NetScaler Instance Files You can rem...

Page 170: ...All rights reserved p 170 https docs citrix com 3 In the Apply Admin Configuration dialog box in Instance IP Address select the IP address of the NetScaler VPX instance on which you want to apply the...

Page 171: ...navigation pane expand Management Service and then click SSL Certificate Files 2 In the SSL Certificates pane click Upload 3 In the Upload SSL Certificate dialog box click Browse and select the certi...

Page 172: ...Configuration click Install SSL Certificates 3 In the Install SSL Certificates dialog box specify values for the following parameters Certificate File Specify the file name of the valid certificate T...

Page 173: ...quired parameter 4 Click OK and then click Close Polling for SSL Certi cates on the NetScaler Instances If you add a new SSL certificate directly on a NetScaler instance after logging on to that insta...

Page 174: ...ach interface is on a different 802 1q VLAN Only one instance can receive untagged packets on the interface If that interface is assigned to other instances you must select Tagged on that interface fo...

Page 175: ...re a VMAC you add a VRID for an interface The Management Service internally generates a VMAC You must specify the same VRID when you configure active active mode on the NetScaler instance Important 1...

Page 176: ...g configuration and the corrective command the difference Revision History Diff Displays the difference between the base configuration file and the second configuration file Pre vs Post Upgrade Diff D...

Page 177: ...f NetScaler VPX instances 1 On the Configuration tab in the left pane expand NetScaler Configuration and then click Instances Note You can also view the properties of a NetScaler VPX instance from the...

Page 178: ...ance such as status of whether inventory from the instance is completed or whether reboot is in progress HA Master State The state of the device The state indicates whether the instance is configured...

Page 179: ...ance by determining the number of hops used to reach the instance To trace the route of a NetScaler instance 1 On the Configuration tab in the left pane expand NetScaler Configuration and then click I...

Page 180: ...Audit 2 In the Audit Log pane you can view the following details User Name The Management Service user who has performed the operation IP Address The IP address of the system on which the operation w...

Page 181: ...performed To view the task device log 1 In the navigation pane expand Diagnostics and then click Task Log 2 In the Task Log pane double click the task to view the task device details 3 In the Task Dev...

Page 182: ...following details Severity The severity of an event which could be critical major minor clear and information Source The IP address on which the event is generated Date The date when the event is gene...

Page 183: ...urces address space and bandwidth allocation Network I O on the SDX appliance not only maintains aggregate system performance but also enables complete segregation of each tenant s data plane and mana...

Page 184: ...nd 0 2 are the management interfaces 1 1 to 1 8 are 1G data interfaces and 10 1 to 10 4 are 10G data interfaces Each instance has its own dedicated physical interface Therefore the number of instances...

Page 185: ...nd 1000000 CPU Shared Interface 0 1 and 1 1 Parameter Name Values for Instance 1 To provision NetScaler Instance 1 as shown in this example 1 On the Configuration tab in the navigation pane expand Net...

Page 186: ...ated administrator and its own dedicated physical interface Therefore the number of instances is limited to the number of physical interfaces available on the appliance VLAN ltering is not required be...

Page 187: ...per second 1000000 CPU Shared Interface 0 2 and 1 1 Parameter Name Values for Instance 1 To provision NetScaler Instance 1 as shown in this example 1 On the Configuration tab in the navigation pane e...

Page 188: ...l network on a different management network Also in many cases communication between the Management Service and the instances might need to be routed through an external device such as a router You ca...

Page 189: ...tances The following gure illustrates the above use case Figure 1 Network topology of an SDX appliance with NetScaler instances in multiple networks The SDX appliance is connected to a switch Make sur...

Page 190: ...dd interface 1 1 1 1 Tagged Interface Select Tagged Select Tagged Parameter Name Values for Instance 5 Values for Instance 3 To provision NetScaler Instances 5 and 3 as shown in this example 1 On the...

Page 191: ...is part of the internal 10 1 1 x network NetScaler instances 2 and 3 are in the 10 1 200 x network and instances 4 5 6 and 7 are in the 10 1 3 x network Instances 2 and 3 each have a dedicated physic...

Page 192: ...1 3 1 10 1 3 1 XVA File NS VPX XEN 10 0 51 308 a_nc xva NS VPX XEN 10 0 51 308 a_nc xva Feature License Platinum Platinum Admin Pro le ns_nsroot_pro le ns_nsroot_pro le User Name vpx4 vpx4 Password Sd...

Page 193: ...n the Configuration tab in the navigation pane expand NetScaler Configuration and then click Instances 2 In the NetScaler Instances pane click Add 3 In the Provision NetScaler Wizard follow the instru...

Page 194: ...Base T copper Ethernet Port RJ45 also called the LOM port You can use this port to remotely monitor and manage the appliance independently of the NetScaler software Note The LEDs on the LOM port are n...

Page 195: ...le configure the computer or terminal to support the following configuration VT100 terminal emulation 9600 baud 8 data bits 1 stop bit Parity and flow control set to NONE Connect one end of the consol...

Page 196: ...display the status of the active 1G and 10G interfaces show interface 4 In the show interface command s output verify that all of the interfaces are enabled and the status of every interface is shown...

Page 197: ...age Volts 4 97 Voltage Sensor2 Volts 0 00 CPU Fan 0 Speed RPM 5929 CPU Fan 1 Speed RPM 5929 System Fan Speed RPM 5929 System Fan 1 Speed RPM 5929 System Fan 2 Speed RPM 5929 CPU 0 Temperature Celsius...

Page 198: ...ile to another computer for future reference The output of the command might be helpful in the event that you want to contact Citrix Technical Support 8 At the NetScaler command line interface switch...

Page 199: ...U on acpi0 cpu11 ACPI CPU on acpi0 NS KERN map_shared_mem_ioctl cpu 7 NSPPE 03 Reserving 596 MB for shared memory type 0 11 Run the following command to verify that the var drive is mounted as dev ad8...

Page 200: ...log license log Vendor daemon failed at startup Check var log license log Checking for SFP NIC errors Checking for Firmware errors Checking for License errors Checking for Undetected CPUs Checking fo...

Page 201: ...hard drive locks securely into the slot 10 Store the old SSD HDD pair for future handling Important The orientation of the hard disk drive is important When you insert the drive make sure that the Cit...

Page 202: ...appliance 3 Select the System node and under Set Up Appliance click Network Configuration to modify the IP address of the Management Service 4 In the Configure Network Configuration dialog box specify...

Page 203: ...Citrix Systems Inc All rights reserved p 203 https docs citrix com confirm You are now ready to provision the VPX instances on the NetScaler SDX appliance For instructions see Provisioning NetScaler...

Page 204: ...into the console port and attach the cable to it 2 On the NetScaler MPX appliance verify that the solid state drive power supplies CPU SSL cores and interfaces are operational 3 Access the console po...

Page 205: ...1e root ns df h 16 Enter the following command to run the ns_hw_err bash script This script checks for latent hardware errors root ns netscaler ns_hw_err bash 17 At the shell prompt switch to the NetS...

Page 206: ...sroot and Password nsroot 28 Select the Configuration tab 29 Verify that the System Resource section displays 8 CPU cores 4 SSL cores and 32 GB of total memory for the NetScaler SDX appliance 30 Selec...

Page 207: ...to the RS232 serial port on the appliance and the other end to the computer or terminal Note To use a cable with an RJ 45 converter insert the optional converter into the console port and attach the...

Page 208: ...not in the UP UP state enable interface 10 x where x is the new interface number 6 Run the following command to verify that the status of the power supplies is normal stat system detail 7 Run the foll...

Page 209: ...98 MB 11 Run the following command to verify the number of CPU cores depending upon your appliance root ns grep cpu var nslog dmesg boot Example root ns grep cpu var nslog dmesg boot cpu0 BSP APIC ID...

Page 210: ...tle8 ACPI CPU Throttling on cpu8 cpu9 ACPI CPU on acpi0 acpi_throttle9 ACPI CPU Throttling on cpu9 cpu10 ACPI CPU on acpi0 acpi_throttle10 ACPI CPU Throttling on cpu10 cpu11 ACPI CPU on acpi0 acpi_thr...

Page 211: ...failed at startup Check var log license log Vendor daemon failed at startup Check var log license log Checking for SFP NIC errors Checking for Firmware errors Checking for License errors Checking for...

Page 212: ...he license of your appliance is 14040 insert additional blank Citrix certi ed SSDs in slots 3 4 5 and 6 If the license of your appliance is 14060 14080 14100 insert additional blank Citrix certi ed SS...

Page 213: ...conversion process the appliance no longer has its previous working con guration Therefore you can access the appliance through a web browser only by using the default IP address 192 168 100 1 16 Con...

Page 214: ...itch to access it through the network Browse to the IP address used above and log on with the default credentials 1 Apply the new licenses For instructions see NetScaler SDX Licensing Overview Navigat...

Page 215: ...Parity and flow control set to NONE Connect one end of the console cable to the RS232 serial port on the appliance and the other end to the computer or terminal Note To use a cable with an RJ 45 conv...

Page 216: ...nd is available in the var tmp support collector_ IP_address _P_ date tar gz le Copy this le to another computer for future reference The output of the command might be helpful in the event that you w...

Page 217: ...f old and new SSDs is not supported SSDs in slot 1 and slot 2 which constitute the rst RAID pair local storage must be of same size and type Similarly SSDs in slot 3 and slot 4 which constitute the se...

Page 218: ...1999 2017 Citrix Systems Inc All rights reserved p 218 https docs citrix com...

Page 219: ...advanced security and ADC capabilities on a single platform for secure reliable access to applications by businesses business units and service provider customers The combination of VM Series on Citr...

Page 220: ...hat are part of a channel do not appear in the list of interfaces because channels are not supported on a SECUREMATRIX GSB instance You must download an XVA image from the SECUREMATRIX website and upl...

Page 221: ...nce You can start stop restart force stop or force restart a SECUREMATRIX GSB instance from the Management Service On the Con guration tab expand SECUREMATRIX GSB To start stop restart force stop or f...

Page 222: ...ild file 4 Click Upload To upgrade the instance 1 Click Instances 2 In the details pane select an instance 3 From the Action list select Upgrade 4 In the dialog box that appears select a file click OK...

Page 223: ...he ping is successful To trace the route of an instance 1 Click Instances 2 In the details pane select the instance for which you want to trace the route and from the Action list click TraceRoute The...

Page 224: ...ctor Note SR IOV interfaces 1 x and 10 x that are part of a channel do not appear in the list of interfaces because channels are not supported on a Websense protector instance You must download a prot...

Page 225: ...he Con guration tab expand Websense Protector To start stop restart force stop or force restart a Websense protector instance 1 Click Instances 2 In the details pane select the instance on which you w...

Page 226: ...box that appears select a file click OK and then click Close You can ping a Websense protector instance from the Management Service to check whether the device is reachable You can trace the route of...

Page 227: ...ghts reserved p 227 https docs citrix com To rediscover an instance 1 Click Instances 2 In the details pane select the instance that you want to rediscover and from the Action list click Rediscover 3...

Page 228: ...ded the XVA image upload it to the SDX appliance before you start provisioning the instance Make sure that you are using Management Service build 118 7 or later on the NetScaler SDX appliance Manageme...

Page 229: ...of a provisioned BlueCat DNS DHCP Server instance from the BlueCat DNS DHCP Instances pane select the instance that you want to modify and then click Modify In the Modify BlueCat DNS DHCP wizard modif...

Page 230: ...e navigate to the folder that contains the file and then double click the file 4 Click Upload To upgrade SDXTools On the Con guration tab expand BlueCat DNS DHCP 1 Click Instances 2 In the details pan...

Page 231: ...d it to the NetScaler SDX appliance Make sure you are using Management Service version 10 5 build 52 3 e or later on the NetScaler SDX appliance To provision a CA Access Gateway rst you need to upload...

Page 232: ...In the details pane click the arrow next to the name of the instance Updated 2014 11 04 You can start stop restart force stop or force restart a CA Access Gateway instance from the Management Service...

Page 233: ...u must download an XVA image from the Palo Alto Networks website https support paloaltonetworks com Updates SoftwareUpdates After you have downloaded the XVA image upload it to the NetScaler SDX appli...

Page 234: ...vice to an instance to determine the number of hops involved in reaching the instance You can rediscover an instance to view the latest state and con guration of an instance During rediscovery the Man...

Page 235: ...1999 2017 Citrix Systems Inc All rights reserved p 235 https docs citrix com...

Page 236: ...st have a basic understanding of the NetScaler SDX appliance before using NITRO To use the NITRO protocol the client application needs the following Access to a NetScaler SDX appliance version 9 3 48...

Page 237: ...un tar the le to a folder on your local system This folder is referred to as NITRO_SDK_HOME in this documentation The folder contains the NITRO libraries in the lib subfolder The libraries must be ad...

Page 238: ...quest message 2 The web service processes the REST request message 3 The NITRO web service returns the corresponding REST response message to the client application When using the SDKs the REST respon...

Page 239: ...object in all further NITRO operations on the appliance To disconnect from the appliance invoke the logout method as follows nitroservice logout The NITRO protocol can be used to con gure resources of...

Page 240: ...new network_interface interface_array 1 set_port_name 10 2 newns set_network_interfaces interface_array Upload the NetScaler instance ns result ns add nitroservice newns Retrieving Resource Details T...

Page 241: ...the name of the NetScaler instance with ID 123456a to ns_instance_new ns update_obj new ns Set the ID of the NetScaler to be updated update_obj set_id 123456a Get existing NetScaler details update_ob...

Page 242: ...p_address 10 70 136 5 newns 0 set_netmask 255 255 255 0 newns 0 set_gateway 10 70 136 1 Specify details of second NetScaler newns 1 new ns newns 1 set_name ns_instance2 newns 1 set_ip_address 10 70 13...

Page 243: ...ervice object in all further NITRO operations on the appliance To disconnect from the appliance invoke the logout method as follows nitroservice logout The NITRO protocol can be used to con gure resou...

Page 244: ..._array 1 port_name 10 2 newns network_interfaces interface_array Upload the NetScaler instance ns result ns add nitroservice newns Retrieve Resource Details To retrieve the properties of a resource on...

Page 245: ...e name of the NetScaler instance with ID 123456a to ns_instance_new ns update_obj new ns Set the ID of the NetScaler to be updated update_obj id 123456a Get existing NetScaler details update_obj ns ge...

Page 246: ...ewns 0 ip_address 10 70 136 5 newns 0 netmask 255 255 255 0 newns 0 gateway 10 70 136 1 Specify details of second NetScaler newns 1 new ns newns 1 name ns_instance2 newns 1 ip_address 10 70 136 8 newn...

Page 247: ...You can update the state of an existing resource by specifying the URL that identifies that object and its new state in JSON or XML using the PUT HTTP method Delete You can destroy a resource that exi...

Page 248: ...nect from the appliance use the DELETE method URL https 10 102 31 16 nitro v1 config login HT T P Method DELETE Cookie SESSID 78C060 Updated 2014 06 11 The NITRO protocol can be used to con gure resou...

Page 249: ...e lter property1 value property2 value If your request is likely to result in a large number of resources returned from the appliance you can retrieve these results in chunks by dividing them into pag...

Page 250: ...er instance with ID 123456a URL http 10 102 31 16 nitro v1 config ns 123456a HT T P Method GET Cookie SESSID 78C060 Response Payload errorcode 0 message Done ns name vpx1 id 123456a ip_address 192 168...

Page 251: ...g behaviors Exit When the first error is encountered the execution stops The commands that were executed before the error are committed Continue All the commands in the list are executed even if some...

Page 252: ...ission superuser Updated 2014 06 11 The errorcode eld indicates the status of the operation An errorcode of 0 indicates that the operation is successful A non zero errorcode indicates an error in proc...

Page 253: ...1999 2017 Citrix Systems Inc All rights reserved p 253 https docs citrix com errorcode 1 message IP address is missing...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands