Applying HDX Policy's based on Access Gateway Connection

The following article illustrates how to apply certain policies (eg: disable access to local drive, printers, clipboard etc..) for users connecting from home (through Citrix Netscaler / Access Gateway)

Step 1

Ensure xendesktop controllers configured to trust requests sent to the Citrix XML service. This can be done by executing the following powershell command on the each controller

Set-BrokerSite -TrustRequestsSentToTheXmlServicePort $true

Step 2

Set Netscaler / Access Gateway as the point of authentication for your XenDesktop Web site.
Secure Access with Gateway Direct – CTX121360

Step 3

Create HDX User policy in Desktop Studio and Apply the following filter

Note: policy with lowest priority number always wins, In my case I made it Priority 1.


I tested this approach by creating two policies
1) WAN with Priority 1 and only applied to Access Gateway connections
2) Unfiltered with Priority 2
policy 1 had Extra Color Compression Enabled while Policy 2 had Extra Color Compression disabled
The policy worked as expected, when connected via Netscaler it had Extra Color Compression enabled and was disabled when connected internally.

A step further

Even more granular control over policies can be achieved by utilizing Access Gateway Session policies, refer to the following link for more information

Join the Conversation

1 Comment

Leave a comment

Your email address will not be published. Required fields are marked *

WordPress Appliance - Powered by TurnKey Linux