Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 16961
  • Last Modified:

cannot connect to the citrix metaframe server. There is no citrix metaframe server configured on the specified address.

I am having a normal citrix setup , I used to connect to client locally thru the web interface i.e. http://test/Citrix/MetaFrame/auth/login.aspx and from internet i used to connect thru the link http://24.187.244.249:8067/Citrix/MetaFrame/auth/login.aspx   as natting is defined in the firewall .

The cleint are getting authenticated from local lan and even from the internet but at the time of launching the appliation its getting launched from the local lan and from internet its giving the following error
"cannot connect to the citrix metaframe server.  There is no citrix metaframe server configured on the specified address."
The Applications are linking like this from lan the address am getting upon clicking an application icon after logging to citrix web interface  "http://test/Citrix/MetaFrame/site/icons.aspx?id=GLIKCNJLABMNFLGIAIOJGGHLEEEIMKCH"  where as from the internet its showing the same application link as "http://24.187.244.249:8067/Citrix/MetaFrame/site/icons.aspx?id=GLIKCNJLABMNFLGIAIOJGGHLEEEIMKCH"   
I could not understand since 24.187.244.249:8067 is pointing to the local ip of test and we are getting the login prompt and getting loggin successfully and showing all published applications but why its not launching the application and giving this error. cannot connect to the citrix metaframe server.  There is no citrix metaframe server configured on the specified address.
0
AvalonicsInc
Asked:
AvalonicsInc
  • 7
  • 6
1 Solution
 
ScooterAndersonCommented:
You'll need to edit your DMZ settings on your WebInterface config (in Access Management Console) to run as "Translated".

What is happening is that your clients are authenticating against your Citrix box, but the Citrix server isn't recognizing that they aren't on the local LAN and handing them an internal link to the application ("http://test/Citrix/MetaFrame.....")

With the translation turned on, your external clients will receive a link to the application that will use your External IP address in the link to the application.
0
 
AvalonicsIncAuthor Commented:
I have changed the settings from direct to translated but still not working. Even I created the address translations with internal and external ips but still problem persists.
0
 
AvalonicsIncAuthor Commented:
one more thing i need to ask is what are the ports we need to open on the firewall for citrix web interface for external network clients.
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
ScooterAndersonCommented:
Hmmmm... Take a look here:  http://www.dabcc.com/article.aspx?id=1755

 Web Interface

o    Client connections - TCP 80/443 (configurable)
o    Server-to-server - TCP XML 80/8080, 443 (using SSL Relay)
o    Management console (partially IMA) - DCOM 135 (+ configurable high port range), IMA-TCP 2513, TCP 80/443
0
 
ScooterAndersonCommented:
Also, another test you can do to verify your Translation configuration:
Log in to WebInterface from outside your firewall and then right-click on the app you want to run, select SaveAs and save the .ICA file to your desktop.  "Edit" the file to take a look at the settings inside the file.

Also, as a reference on configuring the address translation, take a look in the Web Interface Administrators Guide, p. 105
ref:  http://support.citrix.com/article/CTX111709
0
 
AvalonicsIncAuthor Commented:
when am saving and opening the launch.ica file its giving me the local ip of the citrix server not the public(natted) ip inside the file . please find below the lauch.ica contents and still same error even though i defined translation.

Encoding]
InputEncoding=ISO8859_1

[WFClient]
ClientName=WI_N8QJaUoyEmBwz7AlO
ProxyFavorIEConnectionSetting=Yes
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
RemoveICAFile=yes
TransparentKeyPassthrough=Local
TransportReconnectEnabled=On
Version=2
VirtualCOMPortEmulation=Off

[ApplicationServers]
claculator=

[claculator]
Address=192.168.1.139:1494
AudioBandwidthLimit=2
AutologonAllowed=ON
ClearPassword=927F031BA3FF45
ClientAudio=On
DesiredColor=4
DesiredHRES=800
DesiredVRES=600
Domain=\3DB68889F4A87939
InitialProgram=#calculator
Launcher=WI
LongCommandLine=
ProxyTimeout=30000
ProxyType=Auto
SSLEnable=Off
SessionsharingKey=4-basic-basic-test-chrisp-avalonics
TWIMode=On
TransportDriver=TCP/IP
Username=chrisp
WinStationDriver=ICA 3.0

[Compress]
DriverNameWin16=pdcompw.dll
DriverNameWin32=pdcompn.dll

[EncRC5-0]
DriverNameWin16=pdc0w.dll
DriverNameWin32=pdc0n.dll

[EncRC5-128]
DriverNameWin16=pdc128w.dll
DriverNameWin32=pdc128n.dll

[EncRC5-40]
DriverNameWin16=pdc40w.dll
DriverNameWin32=pdc40n.dll

[EncRC5-56]
DriverNameWin16=pdc56w.dll
DriverNameWin32=pdc56n.dll

0
 
ScooterAndersonCommented:
Ok, based on the .ICA file you show above, you need to configure the DMZ Settings noted in my previous post and set it for "Alternate" - and specify the internal to external NAT addresses.  Then the correctly formatted .ICA file should be created for your client connection.
0
 
ScooterAndersonCommented:
Sorry, hit submit before I finished my though... you can also verify if you have a static Alt Address assigned on your Citrix box.
At a command line, type:   altaddr   and it'll show if you have anything set up.  If you're using DMZ Translation in your WebInterface, you shouldn't have anything set in your AltAddr - it'll just muddy the water...
Again, take a look around p.105 in the WebInterfaceAdmin Guide, noted above.
0
 
AvalonicsIncAuthor Commented:
now I have change the dmz settings to alternate and default to alternate now in the lauch.ica am getting the public ip of the citrix (natted) but still unable to login same error"cannot connect to the citrix metaframe server.  There is no citrix metaframe server configured on the specified address."
0
 
ScooterAndersonCommented:
It's also throwing the connection port as 1494 (ICA), you may want to open that up on your firewall...

> [claculator]
> Address=192.168.1.139:1494
> AudioBandwidthLimit=2
0
 
AvalonicsIncAuthor Commented:
After changing to alternate find below the contents of my launch.ica

Encoding]
InputEncoding=ISO8859_1

[WFClient]
ClientName=WI_N8QJaUoyEmBwz7AlO
ProxyFavorIEConnectionSetting=Yes
ProxyTimeout=30000
ProxyType=None
ProxyUseFQDN=Off
RemoveICAFile=yes
TransparentKeyPassthrough=Local
TransportReconnectEnabled=On
Version=2
VirtualCOMPortEmulation=Off

[ApplicationServers]
Adobe Contribute=

[Adobe Contribute]
Address=24.187.244.248:1494
AudioBandwidthLimit=2
AutologonAllowed=ON
ClearPassword=D7FF3A203D0FF4
ClientAudio=On
DesiredColor=4
DesiredHRES=800
DesiredVRES=600
Domain=\7EFC8EA1C77AB6FA
InitialProgram=#Adobe Contribute
Launcher=WI
LongCommandLine=
ProxyTimeout=30000
ProxyType=None
SSLEnable=Off
SessionsharingKey=4-basic-basic-sbsava4-chrisp-avalonics
TWIMode=On
TransportDriver=TCP/IP
Username=chrisp
WinStationDriver=ICA 3.0

[Compress]
DriverNameWin16=pdcompw.dll
DriverNameWin32=pdcompn.dll

[EncRC5-0]
DriverNameWin16=pdc0w.dll
DriverNameWin32=pdc0n.dll

[EncRC5-128]
DriverNameWin16=pdc128w.dll
DriverNameWin32=pdc128n.dll

[EncRC5-40]
DriverNameWin16=pdc40w.dll
DriverNameWin32=pdc40n.dll

[EncRC5-56]
DriverNameWin16=pdc56w.dll
DriverNameWin32=pdc56n.dll

even though all the ports are opened on my firewall again its giving same error "cannot connect to the citrix metaframe server.  There is no citrix metaframe server configured on the specified address.", I am not using ssl as I dont have any certificate, am using only http so i didnot configured "Secured Gateway Settings".
0
 
ScooterAndersonCommented:
from a remote client workstation, open a DOS box and type:   telnet 24.187.244.248  1494

If you don't get a connection, either your firewall port isn't open or isn't NAT'd correctly...
0
 
AvalonicsIncAuthor Commented:
I  have a linux based firewall "UTANGLE" I did opened all the ports but when i do telnet 24.187.244.248 1494 its not connecting where as when i telnet from internal network to internal ip i.e. 192.168.1.139 1494 its connecting and showing ica in the command window.

even though all the ports are opened and even i again defined port 1494 in utangle but still its not connecting on port 1494.

suggestions are welcomed
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now