In this scenario, our NetScaler VPX will load balance for a pair of Exchange 2010 (SP3) servers but the general concepts would apply to Exchange 2013 and 2016 as well. In fact, the Exchange servers themselves usually do not require additional configuration to interact with the VPX. Most often, it is simply a matter of designating them as "Servers" to which SMTP, RPC, SSL and possibly POP/IMAP traffic will be forwarded. "SSL Offloading" and work with SSL certificates in general are two examples where we might have to work on the Exchange servers themselves.
I will concentrate on the following aspects in this blog post and in following posts: installation and initial configuration of the NetScaler VPX, configuration of load balancing for various types of traffic (SMTP, RPC, SSL) and possibly some experiments with certificates.
At the end of this first blog post, I will provide a list of NetScaler VPX resources (see below).
Step 1: download and import VPX into the hypervisor
The first step is to download the "NetScaler VPX Express" virtual appliance package at this URL:
Expand the version number and select the image compatible with your hypervisor (XenServer, ESX, HyperV, etc.). For VMware Workstation, we would use the ESX version.
I downloaded version 11.0-64.34 (for ESX):
Note: this is, of course, for a practice environment, the objective being to become better acquainted with the Citrix NetScaler. It is very unlikely that VMware Workstation would ever be used otherwise as a host for VPX.
I extract the content of the .zip file which leaves me with these three files:
If necessary, I copy these files to another location and then import the virtual machine from inside VMware Workstation: File | Open (browse to the .ovf file shown above).
We now have a NetScaler VPX virtual machine with the following configuration:
It is often recommended to remove the second network adapter since licensing is based on the MAC address and having two network adapters can apparently cause confusion. So I will remove the second NIC, at least for the time being.
Only then can we logon, using the default username nsroot and password nsroot (yes, both username and password are nsroot):
Step 2: initial configuration (IP addresses, DNS, hostname, licensing)
After logon, the first thing we may see is a message about the "Citrix User Experience Improvement Program", which we can close.
Next, I'll assign a hostname, a local DNS server, and the time zone (UTC by default):
This is the URL where we can obtain a (free) VPX Express license:
Click on Get License (you may have to scroll to the bottom of the page):
There is a serial number - click on it:
So I do this (type "hostname" at the command prompt which gives us NSVPX1):
Note: in the web interface, we can see the MAC Address under:
NetScaler > System > System Information
We then enter NSVPX1 in the Host ID field:
And obtain this result:
*** We need to use the MAC address - NOT the
Click on download...
Note: save the file to a location on the local computer (I will not demonstrate how to download a license file here). The license file should look something like this:
Returning to the NetScaler web interface, we click on the number 4 to the right of the licensing section (unfortunately cut off in my screenshot):
We must reboot the NetScaler at this point, so click on the blue Reboot button and be sure to save your configuration:
NetScaler VPX resources
We can access Citrix documentation at this URL (select the product and product version):
Here is the section for the NetScaler VPX:
Citrix Education courses
I was fortunate enough to attend an official Citrix NetScaler training course (instructor led):
CNS-205 - Citrix NetScaler 11.0 Essentials and Networking
Implementing NetScaler VPX by Marius Sandbu
Mastering NetScaler VPX by Marius Sandbu
Video training (3rd party)
CBTNuggets offers a course which I found useful for my objectives:
Citrix VPX Forum
Lastly, I am certainly not the first to blog about the Citrix NetScaler. There is an abundance of other blog posts and videos of varying quality available online.