Monthly Archives: April 2010

You are browsing the site archives by month.

Citrix Branch Repeater VPX Licensing Tutorial

I recently implemented both the new Citrix Access Gateway (CAG) VPX and the Branch Repeater VPX within our development lab. Both are “virtual appliances” designed to run directly on a XenServer host. Both are impressive products and work great – in fact, we can use “live motion” to move the CAG between XenServers while running video in a XenDesktop session with not even a pause in the video playback. The CAG moves with no interruption in service. NONE!

But this isn’t just a post to sing the praises of the virtual appliances. Rather, it’s about LICENSING!!! Specifically, licensing the Branch Repeater VPX.

As with many Citrix products, obtaining the license and getting it properly installed is not necessarily easy and intuitive…and in many cases (particularly with new products), we’ve found that the Citrix licensing support team does not know all the ins and outs of licensing a specific product either. That is not intended as a slam on this team. They do the best they can – but Citrix is a big company now, and sometimes it takes a while for information on new products to filter down to the front-line troops. In this case they worked with me for quite some time until we got this figured out (so there is at least one guy on the Citrix support team who now knows how this works).

So…now that I’ve gone through the pain, I thought I’d try to spare you from it if I can. (You’re welcome.)

One complication you’ll encounter is that, depending upon what you’re attempting to accomplish, these appliances may require one license or two. For example, with the CAG, if you are only going to use it for running secured sessions to a web interface (the equivalent of the legacy Citrix Secure Gateway) then you only need a “platform license.” However, if you also plan to run SSL VPN sessions though the CAG, you will need Access Gateway Universal licenses for your users, which will be rolled into a second license file.

Access Gateway licensing isn’t new and it’s pretty well understood. But what about the Branch Repeater? Just as with the CAG, the Branch Repeater may require one license or two, depending upon the functionality you need. If you are going to use the Branch Repeater VPX to connect to another (physical or virtual) Branch Repeater then you only need a platform license. However, if you want to take advantage of its ability to support client PCs that use the Branch Repeater Plug-in, you will need a second license to enable that feature. So we finally come to the topic of this post: how do you get the license file(s) onto your new Branch Repeater VPX?

First, you must log onto the “MyCitrix” web site with your account credentials, and access the Licensing Tool Box to activate and allocate the license. That part of the process is well documented, and if you’re a Citrix customer, you’ve probably done it at least once. The tricky part is what you have to do to download the VPX license file, what you need to enter in the Repeater itself, where to put it, and what you should see.

Here’s what we learned (NOTE: Click on any graphic to view full-sized):

  1. On the Branch Repeater VPX Web-based management interface, access the “Manage Licenses” screen, and in the right panel, choose “local” as shown below, and click the “Apply” button.
    License Server Configuration

    License Server Configuration

  2. Then click on the “License Information” tab and you will see something similar to this next image. What you will need from this screen is the “Local License Server Host Id:” Write down this information – you will need it in the next step.
    Information Used for License Management

    Information Used for License Management

  3. Now you can download the license file from your “MyCitrix” portal. Save it to your PC, and make a note of where you saved it. As part of the process of downloading the license, you must enter the license server ID. Traditionally, you would enter the name of the Citrix license server in this field (and it was case-sensitive, which tripped up a lot of users). But in this case, the system is expecting the MAC address of the Branch Repeater VPX itself…which is what you just copied in Step 2. Another difference is that in the past the License Server Host Type was always set to “HostName.” However, there is now a drop down box with a second choice, “ETHERNET.” For the Branch Repeater VPX, you want to select “ETHERNET,” and then enter the host id that you wrote down in Step 2:
    Downloading the License File from MyCitrix

    Downloading the License File from MyCitrix


    In case you’re wondering, the MAC address we’re using is the address of the first interface on the Branch Repeater VPX, as displayed in XenCenter. If you want to find it in XenCenter click on the VM in the left column and then select the Network tab in the right window and you should see it there:
    XenCenter Display

    XenCenter Display

  4. Now that you have your license downloaded to your local PC, you need to add it to your Branch Repeater. Access the “Local Licenses” tab and click the Add button (note that you will not see all the content in the window as shown here until you’ve added your license):
    Local Licenses Display

    Local Licenses Display


    After you click Add, this screen will appear and you will need to browse to the location where you saved your license file, and click the “Install” button:
    Add License

    Add License


    Now the “Local Licenses” tab should be populated with content:
    Local Licenses Display

    Local Licenses Display


    Next, go to the “Licensed Features” tab. You should see your features listed as shown below:
    Licensed Features

    Licensed Features

  5. As mentioned earlier, if you plan to support client PCs that have the Branch Repeater Plug-in, you will need another license to enable this feature. Once again you will need to go to your MyCitrix portal and follow the same procedure as you did for your platform license to obtain the Plug-in license. Once you have the Plug-in license you will need to add it to the Virtual Appliance in the same manner as you added the platform license. Once that’s done, if you click the down arrow under “Local Licenses” you will see both licenses:
    Manage Licenses Screen

    Manage Licenses Screen


    Finally, if you click the “Licensed Features” tab, both licenses should show up with the number of licenses available:
    Licensed Features

    Licensed Features

This should be all you need to get the Branch Repeater VPX licensed. Now you just need to get it configured correctly… but that’s another blog post.

Looking For the Citrix Acceleration Client for Win 7?

We’ve been working with the new Branch Repeater VPX virtual appliance, which supports the Branch Repeater client plug-in (unlike the hardware Branch Repeater appliances).

Since Moose Logic is a Microsoft Gold Partner, and we like to keep up with the latest releases, most of us have been running Windows 7 for a while now. But when we went looking for a Win7-compatible Branch Repeater plug-in for the Citrix Receiver, we had a tough time finding it.

It does exist, though, and now that we’ve tracked it down, we though we’d share with you just where it’s hiding in case you’ve been searching too.

The first thing to note is that, when you go to the Citrix download site, and search for downloads by product, you will see that the “Citrix Branch Repeater” and the “Citrix Repeater (formerly WANScaler)” are listed separately – and, since products are listed in alphabetical order, they’re quite a ways apart in the list (click on graphic to view full-size):

Downloads by Product

Downloads by Product


If you choose “Citrix Branch Repeater,” which is what we initially did, since we were working with the Branch Repeater VPX, the latest plug-in you will see listed is v5.0.34, which is not Win7-compatible:
v5.0.34

v5.0.34


So the secret is to choose “Citrix Repeater (formerly WANScaler)” from the product selection drop-down. Then you’ll see several later versions of the plug-in, including v5.5.2, which is Win7-compatible:
v5.5.2

v5.5.2


Oh, and if anyone from Citrix is reading this: Please – just get rid of the plug-ins listed under “Citrix Branch Repeater,” or, better yet, either have a redirect, or a line that says “Please see ‘Citrix Repeater (formerly WANScaler)’ for Branch Repeater plug-ins.” It will make life much simpler for everyone. Thank you.

Scareware, Ransomware, and How to Avoid It

There’s a new piece of malware going around that falls into the “ransomware” category. This one locks down the user’s desktop, and displays a message warning that copyrighted content has been detected on the PC. It then attempts to extort $400 from the user as a “copyright holder’s fine,” while emphasizing that “the maximum penalties can be five years in prison and up to $250,000 in fines.” You can read more about this particular piece of malware in Dancho Danchev’s blog post over on ZDnet.

According to an earlier post by the same author last September, “scareware” and “ransomware,” have emerged as “the single most profitable monetization strategy for cybercriminals to take advantage of.” In general terms, scareware usually takes the form of fake security software – like the infamous “Antivirus 2008.” It is spread almost entirely through “social engineering” tactics that attempt to entice you to visit a compromised Web site. It attempts to trick you into believing that your computer is already infected with malware (or has some other problem, like the fake copyright violation angle), and that purchasing the fake security application or otherwise giving them money will solve the problem.

Some of this malware will prevent your legitimate security software from loading, and from being updated. Some will also attempt to prevent you from running system tools or third-party security applications, which makes it even more difficult to get rid of. Some even encrypt your files and attempt to extort money from you in order to decrypt them.

Needless to say, this is an extremely dangerous, and insidious, form of malware, and one that you want to avoid at all costs. To that end, I highly recommend Danchev’s September post, entitled “The ultimate guide to scareware protection.” It will help you understand what it is, how to recognize it, how it attempts to reach you, and how to avoid it, and provides a helpful gallery of images of many of the variants so you can spot them if they happen to pop up.

Blog Authoring tool Verdict

This is my second test of a Blog Authoring tool or as this one is called a “Blog Entry Poster” for the Linux Gnome Desktop Environment. This post is uploaded to our WordPress blog site using Gnome Blog Entry Poster on a Sabayon Linux machine.

I have only tried two Blog Authoring tools, and so far I like them both. Windows Live Writer is a fine product with a nice array of features and Gnome Blog Entry Writer is a simple app that lives in the Panel on my Sabayon Linux desktop. It’s spartan (or better yet it “has a simple elegance!”), but it does at least have a spell checker, the single most important feature I would say! Both of these applications make it easy to send off a blog post from my desktop and are a breeze to use!

Windows Live Writer First Impressions

Windows Live Writer worked so well it brought a tear to my eye!  (phrase farmed from www.centernetworks.com/wordpress-desktop-blogging).