Netscaler Upgrades - GOTCHA

So tonight, I will be finally upgrading from Netscaler 11.0 to 12.0. Long story as to why we haven't. But anyway, one of the biggest gotchas of upgrading Netscalers is licensing. If you reboot a Netscaler box and it does not have the proper licensing, then you will get the oops you can't do anything when it comes back up.  I absolutely love this guy's blog because he lists how you can check your licensing before you make that epic mistake.

I'll post more tonight after I've done the upgrade.
[5 hours later]
So it was not as bad of an upgrade as I would have thought. I will post some screen shots on Monday. But some observations, VPX 11.0 actually did some weird things using the GUI upgrade method. I transferred the firmware on to the appliance within the nsinstall folder. But inside the GUI, it tried to append additional folder paths that didn't exist. This did not occur during the upgrade on the MPX.

Another observation is opening the GUI right after presents strange formatting. So remember to either clear your cache or close your browser windows after you do an upgrade. You will think you messed something completely up when you log in and the formatting is all over the place.

Another gotcha was we use some customization within the VPN portal. We added a placeholder for the user name field. This did not copy over. It gets overwritten during the upgrade. So if you've made any changes within the vpn/js folder, then you'll want to make sure you back it up.

Also, the SSL certificates are now structured differently. Don't have a complete panic when you upgrade and only a few of your certificates are listed. This is because the new SSL>Certificates only lists Server certificates. To view your CA certificates, then you go to SSL>CA certificates. I had a minor panic moment, but all is well. If you request that the machine reboot after a successful upgrade, then you will not get to see the success of the upgrade. You will just suddenly not get any feedback on the screen and it will appear stuck. Just refresh and you'll see that the appliance is down.

Some other things that are interesting about this version are the favorites! We all have the same sections we visit frequently inside the Netscaler GUI. Well now you can favorite those sections and quickly jump to them. Also, the interface is quite sleek. If you've already used Netscaler MAS 12.0 then you'll be familiar with the layout. I also like the check for updates section. I do not like the fact that clicking on node in HA will open the node for editing. Actually clicking on any item inside the interface opens the item instead of just selects it. I'm so used to clicking the item to select it and then clicking Add or Edit.  I like to select an item and then select Add because it duplicates the item allowing for edits to create a new item.

The "new" Adaptive TCP feature definitely seems promising. This was available in 11.1 starting with build 51.21, but was recommended that you at least be at 11.1 build 55.10.
Other requirements for Adaptive TCP (taken from Adaptive Transport Product Documentation):
  • XenApp and XenDesktop: Minimum version 7.16. 
  • VDA for Desktop OS: Minimum version 7.13.
  • VDA for Server OS: Minimum version 7.13.
  • StoreFront: Minimum version 3.9.
  • Citrix Receiver for Windows: Minimum version 4.7 (EDT and TCP in parallel require minimum version 4.10 and Session Reliability).
  • Citrix Receiver for Mac: Minimum version 12.5 (EDT and TCP in parallel require minimum version 12.8 and Session Reliability).
  • Citrix Receiver for iOS: Minimum version 7.2. 
  • Citrix Receiver for Linux: Minimum version 13.6 for Direct VDA Connections only and minimum version 13.7 for DTLS support using NetScaler Gateway (or DTLS for direct VDA connections).
  • Citrix Receiver for Android: Minimum version 3.12.3 for Direct VDA Connections only.
  • IPv4 VDAs only. IPv6 and mixed IPv6 and IPv4 configurations are not supported.
So for all of the times that I've done these things, I will say I enjoyed this upgrade way more than the others.  Hope this helps!!! Talk to y'all later.

No comments:

Post a Comment


Don't stop upgrading... I have noticed over time that many organizations are picking LTSR and forgetting to upgrade. I have updated quit...