Citrix recently published Cloud Network Locations to get back some "SmartAccess" options customers had with Netscaler ADC. With the Network Locations set, you can use TAGs to enable or disable policies, for instance. This is nice for a company with owned fixed public IP-addresses, but what if you have a dynamic IP-address that might change now and then? Here is a solution that I use myself.
Cloud Network Locations are brand new, so everything works... or not in my case. To change Network Locations, you need the NLS2.psm1 Powershell module at Github - NLS2.psm1. I used the module, but I always got error 403 Forbidden! I checked everything twice, but couldn't find any issue with the script. Therefore, I checked the module and the base URL for the rest call was https://trust.citrixworkspacesapi.net. I used the URL in a browser and was surprised by the message:
"message": "Bad request to endpoint 'https://trust-westeurope-release-b.citrixworkspacesapi.net/root/tokens/clients'. Endpoint is not globally aware. Caller needs to use geo-specific address. Address requested was 'https://trust.citrixworkspacesapi.net/root/tokens/clients'
In the NLS2.psm1 module, I changed the base URL to https://trust-westeurope-release-b.citrixworkspacesapi.net and the script worked!
Here the Powershell script in a Nutshell:
$CurrentPubIP = (Invoke-WebRequest ifconfig.me/ip).Content.Trim()
Import-Module c:\path\nls2.psm1 -Force
$clientId = "<Citrix Cloud client ID"
$customer = "<Citrix customer ID"
$clientSecret = "<Citrix Cloud client secret>"
Connect-NLS -clientId $clientId -clientSecret $clientSecret -customer $customer -Verbose
(Get-NLSSite)[0] | Set-NLSSite -ipv4Ranges @("$CurrentPubIP/32")
Complete script at Github
https://github.com/Koetzing/Powershell-Scripts/blob/main/update-citrix-nls.ps1