Everything is working great internally and externally for Citrix users using HTTP instead of HTTPS.
Current setup is:
Internal: citrix.domain.local (192.168.1.0 IP Range)
I am using ISA Server 2004 and have a standard Publishing Rule for traffic 1494, 2598, & 80 to go to citrix.domain.local. I set up access routes as follows:
Default - Translated
192.168.1.0 - Direct.
citrix.domain.local 80 to citrix.domain.com 80
citrix.domain.local 1494 to citrix.domain.com 1494
citrix.domain.local 2598 to citrix.domain.com 2598
Users can go to http://citrix.domain.com/citrix/accessplatform from home and everything works great.
So, I set up Secure Gateway. Went through the wizard OK with no problem.
Set up the gateway settings as:
STA FQDN: http://citrix.domain.com/Scripts/ctxsta.dll
Session Reliability Checked.
Installed the Root Certificate from my server
Opened up a port on the ISA to allow traffic on 443.
I also tried to set up an address translation for port 443 with no luck.
I can go to https://citrix.domain.com/citrix/accessplatform and log in, but the server cannot be found when I click on an application. Running a sniffer shows it is trying to connect to citrix.domain.local and not citrix.domain.com, which should be a translation issue, but I have tried every combination.
Basic setup is:
Public IP - ISA Server 2004 - Private IP (192.168.1.0) NAT
Citrix computer is a member server on the private subnet