asked on

Citrix Web Interface and Natted Address

Hi

we have users coming in over a firewall from another site to hit our internal web interface servers.

they can login in using the natted address of 192.168.244.110 ( http://WI/citrix/TEST) intenral is 172.22.240.24

they can login ok but when they try and fire up an application they get the error message "cannot connect to presentation server, there is no citrix presentation server configured on the specified address.

They only need to get to 1 server CTXSRV001 172.22.240.10 I have set this up with altaddr of 192.168.244.89

on the Web Interface

DMZ = Alternative
Address translation = 172.22.240.10 1494 192.168.244.89 1494

The web interface has 3 different access platforms. These user will only connect to this test site the other 2 sites work fine and point to same data collectors as this does.

I am convinced the Web Interface is set up correctly but would any pointers.

the network traffice on port 1494 iis inbound only, I think this should be in both directions.. but firewalls say they cant see any traffice,

BLipman

Can you right click one of the apps, choose save as..., then save to the computer, open the file (called launch.ica) with notepad, and post the contents? Do I hear you right when you say that the site works fine from within the 172 network?

Post your ICA file and let's see if you are getting the proper address.

The_Waltzing_Shark

ASKER

Yes, works for the 172 sites that are all behinf firewall.

I have been informed the Firewall performs NAT The Prresentation server they will connect to has an alternative address. On WI site i have remoced the translated address i put in there and left DMZ settings as default = alternative.

I will have to wait till tuesday now.

The_Waltzing_Shark

ASKER

Can anyone advise what ports will need to be open on firewall

, i got xml service on port 8080 & 1494 (session reliability not used)

Do both need to be opened inbound and outbound on firewall????

The_Waltzing_Shark

ASKER

enclosed is the ICa file.

i got the ports open of firewall to be able to ping and pinged the following

Natted address of IP 192.168.244.110 ( http://WI/citrix/TEST) - worked fine

internal address of Citrix PS server - 172.22.240.10- expired in transit
alt addr of Citrix PS server - 192.168.244.89 - timed out

below is ICA file

[Encoding]
InputEncoding=UTF8

[WFClient]
CPMAllowed=On
ClientName=WI_CBXLdNBvKATSbcHCO
ProxyFavorIEConnectionSetting=Yes
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
RemoveICAFile=yes
TransparentKeyPassthrough=Local
TransportReconnectEnabled=On
VSLAllowed=On
Version=2
VirtualCOMPortEmulation=Off

[ApplicationServers]
Notepad - Test=

[Notepad - Test]
Address=192.168.244.89:1494
AudioBandwidthLimit=2
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
CGPAddress=*:2598
ClearPassword=26634CF40503F0
ClientAudio=On
DesiredColor=8
DesiredHRES=1024
DesiredVRES=768
DoNotUseDefaultCSL=On
Domain=\CABE1AF434C713A1
InitialProgram=#Notepad - Test
LPWD=16
Launcher=WI
LocHttpBrowserAddress=!
LogonTicket=26634CF40503F0CABE1AF434C713A1
LogonTicketType=CTXS1
LongCommandLine=
NRWD=16
ProxyTimeout=30000
ProxyType=Auto
SSLEnable=Off
SessionsharingKey=2119128539
StartIFDCD=1241694142315
StartSCD=1241694142315
TRWD=0
TWIMode=On
TransportDriver=TCP/IP
UILocale=en
WinStationDriver=ICA 3.0

[Compress]
DriverNameWin16=pdcompw.dll
DriverNameWin32=pdcompn.dll

[EncRC5-0]
DriverNameWin16=pdc0w.dll
DriverNameWin32=pdc0n.dll

[EncRC5-128]
DriverNameWin16=pdc128w.dll
DriverNameWin32=pdc128n.dll

[EncRC5-40]
DriverNameWin16=pdc40w.dll
DriverNameWin32=pdc40n.dll

[EncRC5-56]
DriverNameWin16=pdc56w.dll
DriverNameWin32=pdc56n.dll

The_Waltzing_Shark

ASKER

anyone ???

ASKER CERTIFIED SOLUTION

BLipman

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial