Link to home
Start Free TrialLog in
Avatar of dak11
dak11

asked on

DNS error

I'm having issues with users being able to connect to a new Citrix server from remote sites. Internally it always seems to work but externally it seems to be very sporadic. I'm guessing it might be a DNS problem but I'm really not sure.

I'm just learning Citrix and I'm the 'expert' in the office so some things are a learning experience.

My remote users connect to the internet via cable, DNS, or Verizon internet cards, then connect to a CISCO PIX through the CISCO VPN client, and then access the citrix server through the URL http://citrix.xxxx.intranet/Citrix/AccessPlatform/auth/login.aspx (domain replaced by xxx).

Some users have no problem but other users cannot seem to get to the server. They're connected to the network since they're able to remote desktop into a Win XP machine.

Just trying to figure out how to correct this resolution issue and/or if there's a better way to configure the web interface at this point.

Any help would be greatly appreciated.

Thanks
Avatar of MarkThomasLee
MarkThomasLee

what is the network configuration?
Firewalled? are the ports open for Citrix to be reached via the firewall? for the clients that can't connect to the citrix server have them type ping "ctrix.xxxx.intranet(is there a .com or .net in here somewhere in the URL?) and see what the response is it should equate to the external IP address, if not, then you're right you do have a DNS issue, contact your ISP (who I'm assuming is your domain authority), and make sure the DNS entries are correct.

Addendum
It could also be an issue with the URL I don't see a '.' something in the URL.
Avatar of dak11

ASKER

Mark,

That's the thing. I haven't gotten it running to an external IP yet. Since it was a rush to get it up and running I currently have then VPN'ing into the network and running a local intranet URL to access the server.

I'd assume once they VPN in they'd be able to access it just like I can on my network, though I'm guessing they're not using my internal DNS for translation and that's the main problem.
Im gonna ask a beginner question here so forgive me if i insult you. Have you checked to verify the users that cannot connect are on the remote users group of the machine?
SOLUTION
Avatar of MarkThomasLee
MarkThomasLee

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dak11

ASKER

Tyvlen - The users can connect some of the time so it doesn't seem to be a rights issue.

Mark - The VPN solution is through a CISCO PIX 506e and the tunnel seems to be up and remain since as a backup right now I have them connecting into a remote session with their desktop here in the office when they have trouble with the Citrix server and no one has complained about losing their connection to those machines over the last couple of years.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of dak11

ASKER

croberds - The web interface is installed and they've used it in the past without a problem.

Users are getting a page not displayed error.

I had one user try the internal IP address and he got the same page not displayed error.

Only errors in event viewer are printer errors. But, I haven't gotten around to playing with the printers yet so that's probably expected.

Most users are connecting via verizon wireless cards so they should have a routable IP address.

I don't think ports should be an issue since the users are VPN'ing in through a CISCO PIX and running the web interface. If you think that could be an issue I can try opening up the port(s) on the PIX - though I have little experience doing that.

Was looking to use the web interface for a while until users got comfortable with the new setup.

If the problem is the resolution from my internal DNS servers, what's the easiest way that I could have the server setup with an outside URL rather then going through the VPN?
ASKER CERTIFIED SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
good deal.  I was getting ready to respond when I had to put a fire out here.

If you eventually want to bypass the VPN there is good stuff here on EE and some other sites.  Info on CSG:  http://support.citrix.com/article/CTX103759 and here:  http://support.citrix.com/servlet/KbServlet/download/8810-102-14371/SG%20Fault%20Tolerance%20and%20DMZ%20Configuration.pdf

A good thread here detailing using an external site with and without CSG:  https://www.experts-exchange.com/questions/23104891/Citrix-WI-not-externally-working.html?sfQueryTermInfo=1+access+citrix+gatewai