Here is a summary of the Virtual Services:

  • StoreFront Gateway: This Virtual Service is the main endpoint and will identify whether the client is connecting using Citrix Workspace/Receiver or using a browser. This Virtual Service IP address will be configured for your external DNS record, for example citrix.domain.com which will NAT to your Virtual IP address. Depending on the template selected, the StoreFront Gateway Virtual Service consists of several Sub Virtual Services:
    • StoreFront Browser Auth ESP: Handles front-end authentication using the Edge Security Pack (ESP) for protocols such as RADIUS and LDAP.
    • StoreFront Browser Launch HTML5 App: Handles the rewriting of the ICA file where a HTML5 WebSocket connection had been detected.
    • StoreFront Workspace-Receiver Pass Through: Handles pre-requests for Workspace/Receiver ESP front-end authentication.
    • StoreFront Workspace-Receiver Launch App: Handles the rewriting of the ICA file where the Citrix Workspace/Receiver application has been detected.
    • StoreFront Workspace-Receiver Auth ESP: Handles front-end authentication for Workspace/Receiver.
  • Secure Listeners: The Citrix StoreFront Gateway template also creates ten (10) individual Secure Listeners which will listen on a secure port such as port 4431 and forward the connection to your VDI server on port 2598. The Citrix StoreFront Gateway - HTML5 template also creates ten (10) Secure Listeners, five (5) Secure Listeners to handle native ICA 2598 traffic, and five (5) Secure Listeners to handle HTML5 web socket 8008 traffic. These listeners correspond to specific internal VDI servers. This is explained in the Secure Listeners section of this document.
  • Content Rules: The template creates several content rules with the name starting Citrix_ to support the Virtual Services and Secure Listeners. No content rules are created by the Citrix StoreFront Internal template.
  • Citrix StoreFront Internal: This Virtual Service is used to handle internal StoreFront connections. When a client launches an application through StoreFront the client connection is forwarded directly to the server.