Secure Gateway & Presentation Server 4.5

Posted on 2007-11-28
Last Modified: 2010-04-21
Everything is working great internally and externally for Citrix users using Http instead of Https.
Current setup is:
Internal: citrix.domain.local ( IP Range)

I am using ISA Server 2004 and have a standard Publishing Rule for traffic 1494, 2598, & 80 to go citrix.domain.local.  I setup access routs as follows:
Default - Translated - Direct.
Firewall translations:
citrix.domain.local 80 to 80
citrix.domain.local 1494 to 1494
citrix.domain.local 2598 to 2598

Users can go to from home and everything works great.
So, I setup Secure gateway.  Went through the wizard ok with no problem.

Setup the gateway settings as:
FQDN:  citrix.domain.local
Port: 443
Session Reliablity Checked.
Installed the Root Certificate from my server
Open up a port on the ISA to allow traffice on 443.
I also tried to setup a address translation for port 443 with no luck.

I can go to and login, but the server cannot be found when I click on an application.  Running a sniffer shows it is trying to connect to citrix.domain.local and not which should be a translation issue, but I have tried every combination.

Basic setup is:
Public IP - ISAServer 2004 - Private IP ( NAT
Citrix computer is a member server on the private subnet

Question by:tyty4u2
  • 2
  • 2
LVL 11

Expert Comment

ID: 20400951
Redirection to https in 4.5. On the server that is holding the secure gateway go to

Edit this file, and make these changes and you should be set. All your changing is the address. This will redirect to https

  Copyright (c) 2000 - 2006 Citrix Systems, Inc. All Rights Reserved.
  Web Interface
<script type="text/javascript">
  // -->
LVL 11

Accepted Solution

AdamBNYC earned 500 total points
ID: 20400977
Also did you look at the DMZ settings for the web interface on the secure gateway. When you go into the access management console, you expand out web interface, click on your website, then click manage secure client access, go into the DMZ settings. I believe the setting you may be looking for is gateway direct. Since this is WAN side, you probably dont need to put anything else in here, unless you have your local network users pointed to the secure gateway for access, then you will have to put some other DMZ settings in there. Let me know how it goes.

Author Comment

ID: 20401013
I appreciate the help.  I have had this question posted for awhile with no response and wouldn't ya know it, I fix it and I get a response.  

I ended up changing the translation to Gateway Direct and the default to Gateway Translation and that seemed to fix the problem.  Its VERY odd that the translation was taking presidence no matter what, even externally, but only when using HTTPS.  HTTP translated ok.  I ended up getting it resolved by setting up a new Web Interface Site and trying every possible combination.

Ran a packet sniffer and all traffice was going over HTTS and TLS.  Also opened the launch.ica and saw the address as being encrypted.

Thanks for the help though.

Author Closing Comment

ID: 31411595
I ended up fixing it before I received a response, but this answer was correct.  THANKS!

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

#Citrix #Citrix Policies #XenDesktop #VDI #POC #Citrix Univeral Printer Driver #Citrix UPD
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question