Link to home
Start Free TrialLog in
Avatar of pearlvision
pearlvisionFlag for United States of America

asked on

Using Web Interface 4.0 using NAT on a Router

Ok, I am still trying to wrap my mind around the documentation for the Web Interface's Secure Client Access settings.

My problem is that in my case we are using NAT on a router, instead of a Firewall.  Let me try and explain my problem.

IP Addresses:
Citrix Clients = 172.26.x and 128.185.x
Server NATd Address = 199.220.115.198
Server Internal Address = 10.10.1.20
Web Interface and PS4 are on the same server

So when I use my desktop to access the Web Interface via the NATd address (199.220.115.198) I get the logon screen.  I am able to logon successfully, but when I try and launch a published application I get the following non-descript error:
Cannot connect to the Citrix MetaFrame server.
The Citrix Metaframe server you have selected is not accepting connections.

The problem is I can create an ICA connection directly to the server without any problems, but I cannot seem to use an Application Set connection or the web interface.

I have setup the server with an alternate address of the NATd address using altaddr.  I have also setup the Web Interface's Secure Client settings to use the Alternate address option.

Nothing seems to work to allow for a successful ICA connection.
Avatar of chrisnewman01
chrisnewman01

Do the users connect via the 10.10.1.20 address or do they use the 199.220.115.198 address?  Which port are you using for XML?  Is there routing between the sites over that same router?  When you connect to the site (directly), are you on the same subnet (10.x.x.x), or are you on one of the other 2 subnets?  Is TCP port 1494 opened to the Citrix server on the 'firewall'?  Sorry for all the questions, I'm trying to understand your network a little better.  

Also, if you right click any one of your icons and save, then open the file, what IP address is listed in there?  The 10.x address or the 199.220.x address?
SOLUTION
Avatar of chrisnewman01
chrisnewman01

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of pearlvision

ASKER

Q:Do the users connect via the 10.10.1.20 address or do they use the 199.220.115.198 address?
A:They are connecting using 199.220.115.198.

Q:Which port are you using for XML?
A:Port 80 (default)

Q:Is there routing between the sites over that same router?
A:Not sure what you mean.  the 172.x and 128.x are other WAN sites with routers, but there is only one router to the 10.x site

Q:When you connect to the site (directly), are you on the same subnet (10.x.x.x), or are you on one of the other 2 subnets?
A:One of the other 2. (172.x or 128.x)

Q:Is TCP port 1494 opened to the Citrix server on the 'firewall'?
A:We do not have a firewall between, but all of the Citrix published ports are allowed through the router.

Q:Are you using Alternate or Secure Gateway Alternate for the 172.26.x and 128.185.x sites?
A:I have tried Alternate and Translated and neither seem to work.
Download your launch.ica file by right clicking and choosing save; open it w/ notepad and post.  
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
I appreciate everyone's posts, but I was able to solve the problem.  it was a misconfiguration on the NAT on the router causing my issues.