Google updated their phishing method and all subdomains of sharefile.eu are affected. This has been…
Designchanges in SplitVPN for Endpoint Management MAM SDK
Solving SplitVPN Issues with Citrix Endpoint Management
In today’s digital world, secure and efficient management of mobile devices is essential. One of the common challenges faced by many IT departments involves the configuration and operation of VPN solutions in combination with endpoint management systems. Recently, we encountered such an issue with one of our clients who experienced problems with SplitVPN in a Citrix environment.
Problem Overview
The client reported that SplitVPN was no longer functioning. After switching to the MAM SDK on the Secure Apps none of the apps was able to send traffic to the infrastructure, while external traffic worked. The original SplitVPN configuration was based on IP address ranges, with all internal IPs configured as published apps on the NetScaler for Endpoint Management. After thorough analysis it was revealed that a design change in the Citrix MAM SDK (Mobile Application Management Software Development Kit) was the root cause.
Technical Background
The design change specifically affects the Intranet Applications fields, where customers configure records with split tunnel enabled as defined in Citrix Docs . Previously, in the legacy MDX mode, all traffic associated with these IPs was automatically directed to the gateway accessing it from the NetScaler SNIP. In the new MAM SDK mode, traffic is not routed to the gateway unless the corresponding intranet apps are created with hostnames (e.g., *.domain.com).
Steps
- Open your NetScaler Configuration
- Switch to NetScaler Gateway, Ressources, Intranet Applications and Hit „Add“
- Add the internal Namespace and click Create
- On the gateway, add the configuration unter Intranet Applications
- Remove all other, not hostname based entries
Dieser Beitrag hat 0 Kommentare