• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 385
  • Last Modified:

Norton Personal Firewall and the outbound ports for a Citrix connection

I have limited time to learn a program for my office so I have installed the trial program on my home computer.  However, every time I try to access the program i get the message : ICA file not found. This is Citrix and Terminal services (I hope I said that correctly). My firewall is Norton Personal Firewall and I was told to open ports UDP 1604 and TCP 1494 but when I tried, it seems I failed.

Also, even when Norton firewall is disabled I get the same message.

Can anyone walk me through the opening of these ports?  Thank you for your time.
2 Solutions
Tim HolmanCommented:
List of Ports Used by Terminal Server.  You're missing TCP:3389 ?

Clients                   Static ports
--------                    ------------

RDP Client (Microsoft)      TCP:3389 (Pre Beta2:1503)
ActiveX Client (TSAC)       TCP:80, 3389
ICA Client (Citrix)         TCP:1494
NOTE: Terminal Server uses port 3389.
ModellAuthor Commented:
umm, Tim?  I don't have a clue what you are talking about.  I need someone to help walk me through opening ports in Norton Personal Firewall without expecting me to fully understand what I'm doing.  Thanks anyway.
Tim HolmanCommented:
Those are the ports you need to open on the firewall for Citrix to work fully.  However, I looked up the 'ICA file not found' message on the Citrix support site, and it is fixable... take a look here, apologies for bombarding you in geek language... ;)

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

ModellAuthor Commented:
ummmmmm, Tim, I found that web page some time ago; its instrucitons assume you have the ports open. My request is for someone to help me, step by step, open the ports using Norton Personal Firewall.  According to the host, I only need the two ports listed, udp 1604 and tcp 1494 open. But they won't help me do it ... 'third party programs etc.'. Thanks again
Tim HolmanCommented:
Sorry for the delay in response, but do you still need help with this ?
ModellAuthor Commented:
The needed help has changed a little.  With dogged determination I have managed to open the two ports required by Citrix.  But I am very uneasy about it because I don't know how to tell Norton that there is only one company/person/computer permitted to use those ports.  Is this something you can help me with? Thanks.
It's a thre step process if you don't know the computer you want to give access to:

1) Modify the rule you created to open the two ports by going to the "Tracking" tab and ticking the box labeled "Create an event log".

2) Check the "Event log" to see the "Remote computer" that tried using these two ports.

3) Modify the same rule again by going to the "Computers" tab and adding the "Remote computer" you found in step two to the "Only the computers and sites listed below" list.
No comment has been added to this question in more than 21 days, so it is now classified as abandoned..
I will leave the following recommendation for this question in the Cleanup topic area:
Split - tim_holman and slowmoe

Any objections should be posted here in the next 4 days. After that time, the question will be closed.

EE Cleanup Volunteer

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now