Solved

Web Interface CSG running in DMZ via CPS 4.0

Posted on 2006-11-29
3
888 Views
Last Modified: 2012-08-13
Hello all,

This is similiar to a question asked back in 2005.

When I originally installed Web Interface and CSG which is located in a DMZ for access to my Metaframe Presentation Server 4.0. FARM which is in our PN. I had to use the management console on the Web server to configure the Web Interface and CSG and the Management consoles on the Citrix farm to manage the FARM published apps etc.. seperatly because a discovery from DMZ could not see the farm and a discovery from farm can not see the DMZ web Interface. It has been a year now everything from a clients stand point looks great Web apps work from the internet great all PN/PNA/ and web client internally see the appropriate xml config file and no problems. From a management stand point its aggravating not being able to manage the way I am supposed to from a single location and feel I am missing something. Packet captures and event logs inconclusive.

We are running this through a PIX 515 and Ihave CGS configured 442 externally listening and port 80 internally to speak with FARM. I have port 80 opened from the FARM to the WEB SERVERS cluster and also 442 for when I eventually get it working to encrypt the internal session.

to be more specific on the error ........

When I try to run discovery from the presentation server I am specifying the DMZ server as the web interface configuration server but I get an error: "The RPC server cannot be contacted on server <Servername>."

I can run discovery from the DMZ server but when I enter the name of my Presentation Server I get an error that states "Errors occurred when using <Servername> in the discovery process." - When I double click on this error the message states "The RPC server cannot be contacted."

On the original post the response was below access ports set accordingly.. I am 90% sure I have the appropriate access setup because it all functionally works all except the management console which I think uses a port 2513 which I also opened between the DMZ and Farm but no luck so I closed it.. My environment is lock down tight more so then stated below this is why CSG is so important to me and probably the reason everything else works besides the Management discoveries  they dont pass through the CSG..

Well been a year and I give..  any suggestions??.. also when this gets answered I have a TS licensing question lol the clients dont see my Liocensing server for renewal and I constantly have to delete their MSLICENSING reg key to refresh their TS licensing what a pain.. ;) alot of clients .. scripting is king but getting it working right is priceless..


Original posters answer that fixed his problem back in 2005..

Answer was..
Prts that need to be open are i think i got them all are

https service all to lan
http service all to lan
smtp service all to lan
ica(1494 to) service dmz to IP of citrix server  more than one entry if more than one server

http service dmz to lan
default dmz to wan
default lan to wan
http service wan to dmz
https servcie wan to dmz

deny default wan to dmz
0
Comment
Question by:AdminBigE
3 Comments
 
LVL 11

Accepted Solution

by:
AdamBNYC earned 250 total points
ID: 18038647
I have the same issue on my farm, From what im reading, this can't be done.

http://support.citrix.com/forums/thread.jspa?messageID=394090&fromSearchPage=true&#394090
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

CITRIX XENAPP 6.5 FARM CUSTOM POLICY - CHANGE MANAGEMENT WINDOW REBOOT SCHEDULE
Several part series to implement Internet Explorer 11 Enterprise Mode
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now