We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Trouble with access to Citrix farm behind ISA2004.

Medium Priority
606 Views
Last Modified: 2013-11-11
Network layout as follows:
Internet -> Citrix Secure Gateway -> SBS2003(ISA2004) -> Citrix Farm (LAN)

I have 2 Citrix PS4.5 servers behind ISA2004 with Web interface (WI) loaded on one of them. The STA is also loaded on same server as WI.
The Citrix Secure Gateway (CSG) has CA cert loaded and listens on port443 for users accessing via the internet. Users can access the WI fine and see all their publishid apps, but as soon as they launch an app, it comes up with SSL 29 error...port 1494.

My ISA2004 config seems to be the problem.
Ive created 2 server publishing rules to the CPS4.5 server hosting the WI (port 80) and STA (port81). That seems to be working fine, but my 1494 ICA traffic is not working well.
I created a server publishing rule for 1494 traffic to the same server, but ISA still blocks ICA traffic with the built-in ICA protocol, which is not even the protocol I selected for this rule. That means it's not even picking up the ICA published server rule. However, I can telnet that server on 1494.

Furthermore, these to citrix servers will load balance, so how do I get 1494 traffic traversing to these 2 servers behing ISA?

The 'Secure Client Access' settings on the Wi is set to 'Gateway Direct' and the FQDN & port is set to the same as that Secure Gateway.

Please help, I'm stuck here!
Thanks in advance.

Comment
Watch Question

Most Valuable Expert 2011
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.