IP address or FQDN

There are times when configuring some Citrix products (Secure Gateway, Access Gateway, Web Interface) where you are presented with the option of using an IP address or FQDN for the Secure Ticket Authority. Most of us will pause for a moment and think about the ramifications, pros and cons, of using either of those options. Citrix’s view on this is straight forward and as a best practice recommend using the IP address. You can see why this would be the case if you spend a fair amount of your time troubleshooting issues on a daily basis regardless of whether or not you are working on a Citrix, Microsoft or an application issue. The key word is variable. When going through your normal troubleshooting process you try to remove as many variables as possible from the equation. When you use the IP address you eliminate the name resolution aspect from the process.

Now I know you FQDN evangelists are out there and I prefer to use names where ever possible myself, but if you properly document your network, systems and their interactions with each other, then you don’t have anything to worry about. When it comes time to make an IP address change, with the proper documentation you will  be able to make a detailed work plan which will incorporate all of the systems and the changes needing to be completed.

As a side note I am a consultant and what I find out in the field is a mixture of both IP addresses and FQDNs being used for the STAs. Either way there are a number of times I find where previous admins/engineers/consultants are not maintaining the STA lists, regardless if they used the IP address or FQDN. If you don’t maintain these lists they will cause issues relating to logins or erratic behavior when launching Published Apps.

– CG3

Comments are closed.