Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Citrix server behind a NAT

Posted on 2006-11-26
10
Medium Priority
?
3,420 Views
Last Modified: 2011-04-14
Current i have a citrix metaframe 4 behind a NAT (192.168.1.2)  I would like to deploy an application to user who is out of the office via shortcut or ica files.  Is that possible?

Currently if the user wish to access the application he/she have to connecty to the server via citrix client and get access the citrix server to run the application.  This is too much work and taking alot of resourcce.  I was able to create a ica file and open the application to the desktop when i'm inside the  office or on a same nat.

PLEASE HELP, MANY THANKS IN ADVANCE  
0
Comment
Question by:paulhuynh
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18016132
Citrix uses port 80 for the XML service and 1494 for ICA connectivity.  From the outside your user will have to be able to contact the Citrix server at 192.168.1.2 port 1494.  On your router / firewall you will need to forward that port to the citrix server.  In the ICA file you will have to supply the external ip address of your connection.

Another way to do all of this is use the Citrix Web Interface.  This can be a very handy way of deploying applications externally and internally.  It still requires that port 1494 be forwarded to the citrix server, but allows the user to simply login and launch any published app.

Security concerns of course use SSL for the web interface, and an even better solution is the secure gateway.  These may a bit more than you want to do.  The port forwarding and replacing the ip address with the public one should work for you.
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18016141
http://support.citrix.com/servlet/KbServlet/download/6302-102-12987/Web_Interface_Guide.pdf

Guide on WI for MPS4 also page 74 discusses some setup you may like to read about address translation and mapping.
0
 

Author Comment

by:paulhuynh
ID: 18016258
I current have my firewall doing portwarding  to the server  port 80, 1494, and 1604.  I will post you my ica file shortly
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18016264
Great.  Sounds like the NAT side is setup fine.  One thing to try just as a final test of NAT telnet to the public ip port 1494.

telnet ip.ad.dr.ess 1494 if it is working you should see ICA returned.
0
 
LVL 11

Expert Comment

by:AdamBNYC
ID: 18016937
Also open up 2598, This is the new citrix session reliablity port.
0
 

Author Comment

by:paulhuynh
ID: 18020701
here is my current ICA file

[WFClient]
Version=2
TcpBrowserAddress=192.168.1.2
HttpBrowserAddress=192.168.1.2
PersistentCachePath=C:\Documents and Settings\Kevin\Application Data\ICAClient\Cache
 
[ApplicationServers]
CONTACT MANAGER=
 
[CONTACT MANAGER]
Address=CONTACT MANAGER
InitialProgram=#CONTACT MANAGER
ClientAudio=Off
Compress=On
TWIMode=On
DesiredHRES=1024
DesiredVRES=768
DesiredColor=4
TransportDriver=TCP/IP
WinStationDriver=ICA 3.0
BrowserProtocol=HTTPonTCP
ScreenPercent=0
0
 
LVL 10

Accepted Solution

by:
chrisnewman01 earned 2000 total points
ID: 18021517
TcpBrowserAddress=<external IP address you have set that maps to this server>

HttpBrowserAddress=<external IP address you have set that maps to this server>   <-- you may want to remove this line if you are having trouble accessing the app (or ; it out)

AND

(in the [CONTACT MANAGER] section:)
Address=<external IP address you have set that maps to this server>

Chris
0
 

Author Comment

by:paulhuynh
ID: 18039877
THANK YOU IT WORK GREAT  CHANGING THE IP ADDRESS SOLUTION WORK GREAT
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18064587
Also, just as a suggestion.  For one user this works well.  As your remote needs begin to increase.  Think about using secure gateway or web interface, makes your life much easier and is more secure.
0
 
LVL 10

Expert Comment

by:chrisnewman01
ID: 18065443
Absolutely, Matthew L is correct by saying that.  You also only need to open port 443 on the outside (or 80 with a redirect to 443).
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #POC #XenDesktop #vCenter #VMware #ESX
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

598 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question