Beacons in Citrix StoreFront are being used to detect if the user is trying to access the store from a local or public network. When doing Virtual App and Desktops implementations I like to configure a single FQDN setup for the Citrix Gatway and the StoreFront URL (Example: https://citrix.company.com). With this URL the end users will always be able to launch their published resources doesn’t matter if they are located inside the company or surfing via a public Wifi. The default setting is that the internal beacon URL is the service URL specified in the Citrix StoreFront console.
This is going to be a problem if we want to achieve a true Single FQDN setup. We need to point the internal beacon to a different URL which is high available otherwise the Self-Service will stop working and the users are not able to launch their applications and desktops anymore.
At this state we have two possibilities to configure the beacon:
Option #1 – Easy Approach
– Create a DNS A-Record and point it to the StoreFront Load Balancer VIP
Example: citrixbeacon.company.com -> 192.168.2.130
– Internal Beacon is configured to https://citrixbeacon.company.com
(Note: The beacon traffic can go over HTTP or HTTPS – Just make sure the Common Name/DNS attribute of the SSL certificate is matching otherwise it will not work)
This is the most easy configuration. But it will not work in all environments. I have seen some customer where the external DNS is responding to all kind of A-records even if they are not registered. Let me show you what I mean:
We have not registered “123456.company.com” neither “citrixnotavailable.company.com” in our DNS server but they are getting resolved which is bad for our intention. With this behavior the beacon detection will simply not work and we need to operate with a DNS domain which is only resolvable inside the corporate network. Thats where I came up with the idea to use the Citrix ADC to create a high available beacon/network detection service which is independent from the Citrix StoreFront Load Balancer.
Option #2 – ADC Approach
We are goint to create a Load Balancing vServer which is responding with a simple HTML page. This is how the end result will look like:
1.) Create a HTML Page (AppExpert >Responder > HTML Page Imports)
2.) Create a Responder Action & Policy
3.) Create a LB vServer and bind the responder policy
4.) Create a DNS-Record for Network Detection Service
5.) Configure the StoreFront Beacon