Customize Logon Page for Each NetScaler Gateway Virtual Server and Redirect Users Based on Each

Posted on by 0 comment

Knowledge Center

Applicable Products

Objective

This article helps you customize a different logon page for each VPN virtual server hosted on NetScaler Gateway, and configure the NetScaler appliance to redirect users to the customized page based on the FQDN.

Prerequisites

The NetScaler Gateway must be licensed for the Responder feature to address this scenario. To ensure that the NetScaler Gateway appliance is licensed for the Responder feature, complete one of the following tasks:

From the GUI, expand the System node and click Licenses. In the Licenses page, verify if the Responder feature is enabled, as shown in the following screen shot:

Run the following command from the Command Line Interface:

Verify if the Responder feature is enabled, as shown in the preceding screen shot.

Background

There are situations where more than one VPN virtual servers are hosted on the NetScaler Gateway appliance. You might want to customize a different logon page for each VPN virtual server.

In this example the following VPN virtual servers are hosted on the NetScaler Gateway appliance. VPN virtual server example.com is configured for Lightweight Directory Access Protocol (LDAP) authentication. The logon page is displayed as shown in the following screen shot:

When VPN virtual server example.org is configured for RADIUS and LDAP authentications, the logon page is displayed as shown in the following screen shot:

You must change the passcode field to password on the VPN virtual server example.com .

However, if the logon page is customized, it affects the VPN virtual server example.org . It is recommended to keep the logon page unchanged, otherwise it appears as shown in the following screen shot:

This article helps you customize a different logon page for each VPN virtual server hosted on NetScaler Gateway, and configure the NetScaler appliance to redirect users to the customized page based on the FQDN

Instructions

To customize a different logon page for each VPN virtual server hosted on the NetScaler Gateway appliance and configure the NetScaler appliance to redirect users to the customized page based on the FQDN, complete the following procedure:

To enable the Responder feature on the NetScaler appliance, complete one of the following tasks:

From the Command Line interface, run the following command:

From the GUI, navigate to System Settings. In Modes and Features, select Configure Advanced features (ensure that you select the Responder feature), click OK, and then click Close.

You can create multiple index.html and login.js files for multiple logon page for each VPN virtual server.

Navigate to /netscaler/ns_gui/vpn folder using a secure copy utility like WinSCP. Retain the default index.html and login.js files for VPN virtual server example.org .

Create index_modified.html and login_modified.js files for the VPN virtual server example.com .

Using a text editor modify the line 7 of index_modified.html file to refer to the new login_modified.js file as shown in the following screen shot:

Customize the logon page for each VPN virtual server (example.com and example.org) by referring to the following article:

To configure a Responder Action where you redirect users accessing https://example.com to the modified index.html file, complete one of the following tasks:

From the command line interface run:

add responder action redirect_remotesite redirect \ https://example.com/vpn/index_modified.html\

Enter a name for the action.

Enter the target URL as https://example.com/vpn/index_modified.html .

Note: Ensure that you include the quotes.

To configure a Responder Policy to define the condition that redirects users, complete one of the following tasks:

Note: Ensure you include the URL condition, otherwise you might experience issues such as loops.

From the command line interface, run the following command:

add responder policy redirect_remotesite_policy HTTP.REQ.HOSTNAME.EQ(\ example.com\ ) HTTP.REQ.URL.CONTAINS(\ index.html\ ) redirect_remotesite_action

From the GUI, complete the following procedure:

Enter a name for the policy.

In the Action field, select the action you defined previously.

In the Expression field, enter the following expression:

To bind the policy globally, complete one of the following tasks.

From the command line interface, run the following command:

bind responder global redirect_remotesite_policy 1 END -type REQ_DEFAULT

From the GUI, complete the following procedure:

Select Default Global Insert Policy and select the Responder Policy you created.

Double-click the Priority field to define the Priority.

Users accessing https://example.org are redirected to https://example.org/vpn/index.html.

Users accessing https://example.com are redirected to https://example.com/vpn/index_modified.html.

To make the changes persistent after you restart the appliance, complete the following tasks:

Create a new folder to hold the customized logon files of NetScaler Gateway virtual server.

For example, in this case the folder is named as customizations and stored in the /var directory:

Using a text editor, create the text file named rc.netscaler with the following single line of content:

#cp -R /var/customizations/* /netscaler/ns_gui/

Note: Make sure there are no blank lines after this line.

Connect to the appliance using WinSCP, and copy all the folders from directory /netscaler/ns_gui to directory /var/customizations.


Category: News | Tags: ,

Leave a Reply

Your email address will not be published. Required fields are marked *