Netscaler Knowledgebase

Hello

Has anyone successfully got a Netscaler to work with Domino web applications or inotes in clientless vpn mode on a netscaler ?

I know the issue sits around rewriting URL's but I have very limited knowledge of how to do this.

Hi there many thanks for your reply.  The problem is im not exactly sure what URL's are breaking.  I have run a nstrace from the netscaler and can see the URL's being requested but i cant determine which ones are breaking. 

I cant post the whole capture because there is some sensitive information in the file.  Are there any other tools you could recommend to work out which URL's are breaking ?

Please be very specific about what the source URL and what the DST url is

i assume that the source is

https://mydomain.com.au:443/cvpn/aHR0cDovL21lbG5zMDEucnNtaS5jb20uYXU/mail/gdesilva.nsf?OpenDatabase"


I got no clue on what you want that url rewritten into.

Many thanks for your reply

Just to clarify

The /cvpn/hash is dynamically created by the netscaler and will change on each new request by a user so in the rewrite i would imagine the /cvpn/hash needs to be some form of variable ?  please note where ever i mention /cvpn/hash im refering to the netscaler hash that is used to mask the hostname of the internal server.

The source URL is indeed https://mydomain.com.au:443/cvpn/hash/mail/%username%.nsf?OpenDatabase"

We need to search for the following string in the page that is returned

AAA.sDbUrl=AAA.EuR + 'mail/%username%';AAA

We then need to rewrite AAA.sDbUrl=AAA.EuR + 'mail/%username%.nsf';AAA as

AAA.sDbUrl=AAA.EuR + '/cvpn/hash/mail/[a-z0-9].nsf';AAA  (im not sure if [a-z0-9] is a valid netscaler expression to represent a string match of alphanumeric characters)

I hope this makes sense

Hi thanks for taking the time to respond unfortunately what you mentioned above is not quite correct for my requirement. 

I did a little more searching around and found this post here: http://www.netscalerkb.com/netscaler-qa/rewrite-http-response-9-2/msg2354/#msg2354 which is more like what I need.

I still need to understand how to reference the username and the /cvpn/hash as a regular expression in the find and replace areas.

Note: %username% can be any characters and is only referenced here as a place holder

Note: /cvpn/hash is the automatically generated string and will look something like this /cvpn/aHR0cDovL21lbG5zMDEucnNtaS5jb20uYXU/cvpn/aHR0cDovL21lbG5zMDEucnNtaS5jb20uYX
I  found this which might be usable as the variable that represents /cvpn/hash/ = VPN.CLIENTLESS_BASEURL.CVPN_ENCODE (PG 79: http://support.citrix.com/servlet/KbServlet/download/23195-102-647795/NS-PolicyConfig-Guide.pdf)


/////////////I THINK THIS WHAT I NEED///////////

add rewrite policy rw_pol_Lotus_Domino_login "HTTP.RES.BODY(5000).CONTAINS(\"/AAA.sDbUrl=AAA.EuR + 'mail/%username%.nsf';AAA/\")" rw_act_Lotus_Domino_login

add rewrite action rw_act_Lotus_Domino_login replace_all "http.RES.BODY(50000).SET_TEXT_MODE(ignorecase)" "\"AAA.sDbUrl=AAA.EuR + 'cvpn/hash/mail/%username% .nsf';AAA"\"" -search "text(\"AAA.sDbUrl=AAA.EuR + 'mail/%username% .nsf';AAA\")"

bind lb vserver vpn -policyName rw_pol_Lotus_Domino_login -priority 80 -gotoPriorityExpression END -type RESPONSE