wolf2008
asked on
External citrix access
Citrix Presentation Server is working fine internally, however, externally we can only get to the public IP and the published apps error out with: "Cannot connect to the citrix presentation server. There is no citrix presentation server configured on the specified address."
Please advice,
Please advice,
Are you trying the Web Interface or Program Neighborhood? It is either the alternate address not being set, the PN client not saying "use alternate address for firewalls", or the Web Interface not having the proper DMZ settings or address translations.
ASKER
We are using WI, it was working and a cutover occured which included a change of network IP scheme.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Not sure if I follow. All published applications are hosted on ctx-1 and 2 boxes. What application would I click on WI?
Thanks,
Thanks,
Sign into your Web Interface just like you are about to launch a program and get your error, instead of left clicking, right click, do a save as, and you should be able to save a file with the config that the WI is giving you. The issue here is that the WI is a dynamic site; it forms your applications based on who you are and where you are coming from. If you post your file we can determine approximately what is going on wrong.
ASKER
[Encoding]
InputEncoding=UTF8
[WFClient]
CPMAllowed=On
ClientName=HCPOL-RHAR-n50j k
ProxyFavorIEConnectionSett ing=Yes
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
RemoveICAFile=yes
TransparentKeyPassthrough= Local
TransportReconnectEnabled= On
VSLAllowed=On
Version=2
VirtualCOMPortEmulation=Of f
[ApplicationServers]
Requisitioner=
[Requisitioner]
Address=10.20.0.12:1494
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
CGPAddress=*:2598
ClearPassword=E4BA4679F1A8 9F
ClientAudio=Off
DesiredColor=8
DoNotUseDefaultCSL=On
Domain=\28D6DE8CBCDD1971
EncryptionLevelSession=Enc RC5-128
InitialProgram=#Requisitio ner
LPWD=172
Launcher=WI
LocHttpBrowserAddress=!
LogonTicket=E4BA4679F1A89F 28D6DE8CBC DD1971
LogonTicketType=CTXS1
LongCommandLine=
NRWD=172
ProxyTimeout=30000
ProxyType=Auto
SSLEnable=Off
ScreenPercent=75
SessionsharingKey=8-rc5-12 8-none-hcp olytech.or g--HCPolyT ech
StartIFDCD=1246463593578
StartSCD=1246463593578
TRWD=0
TWIMode=On
TransportDriver=TCP/IP
UILocale=en
Username=rhartpence
WinStationDriver=ICA 3.0
[Compress]
DriverNameWin16=pdcompw.dl l
DriverNameWin32=pdcompn.dl l
[EncRC5-0]
DriverNameWin16=pdc0w.dll
DriverNameWin32=pdc0n.dll
[EncRC5-128]
DriverNameWin16=pdc128w.dl l
DriverNameWin32=pdc128n.dl l
[EncRC5-40]
DriverNameWin16=pdc40w.dll
DriverNameWin32=pdc40n.dll
[EncRC5-56]
DriverNameWin16=pdc56w.dll
DriverNameWin32=pdc56n.dll
InputEncoding=UTF8
[WFClient]
CPMAllowed=On
ClientName=HCPOL-RHAR-n50j
ProxyFavorIEConnectionSett
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
RemoveICAFile=yes
TransparentKeyPassthrough=
TransportReconnectEnabled=
VSLAllowed=On
Version=2
VirtualCOMPortEmulation=Of
[ApplicationServers]
Requisitioner=
[Requisitioner]
Address=10.20.0.12:1494
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
CGPAddress=*:2598
ClearPassword=E4BA4679F1A8
ClientAudio=Off
DesiredColor=8
DoNotUseDefaultCSL=On
Domain=\28D6DE8CBCDD1971
EncryptionLevelSession=Enc
InitialProgram=#Requisitio
LPWD=172
Launcher=WI
LocHttpBrowserAddress=!
LogonTicket=E4BA4679F1A89F
LogonTicketType=CTXS1
LongCommandLine=
NRWD=172
ProxyTimeout=30000
ProxyType=Auto
SSLEnable=Off
ScreenPercent=75
SessionsharingKey=8-rc5-12
StartIFDCD=1246463593578
StartSCD=1246463593578
TRWD=0
TWIMode=On
TransportDriver=TCP/IP
UILocale=en
Username=rhartpence
WinStationDriver=ICA 3.0
[Compress]
DriverNameWin16=pdcompw.dl
DriverNameWin32=pdcompn.dl
[EncRC5-0]
DriverNameWin16=pdc0w.dll
DriverNameWin32=pdc0n.dll
[EncRC5-128]
DriverNameWin16=pdc128w.dl
DriverNameWin32=pdc128n.dl
[EncRC5-40]
DriverNameWin16=pdc40w.dll
DriverNameWin32=pdc40n.dll
[EncRC5-56]
DriverNameWin16=pdc56w.dll
DriverNameWin32=pdc56n.dll
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It's fine internally, but fails from the internet. Where are the DMZ settings configured in the WI?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Awesome Expert!!!!!!!!!!!!!
http://www.brianmadden.com/forums/t/25630.aspx
Alternate Addressing Is not Configured on the MetaFrame Server
Alternatively, if the MetaFrame server is not configured with an alternate address,
you can configure the Web Interface to include the appropriate address in the .ica
files by defining address translation mappings, as follows:
1. Display the Server-side firewall settings page.
2. Select Translated address in Default address translation setting.
3. Under Specific address translation settings, enter 192.168. in the Client
address prefix field.
4. Select Normal address.
5. Click the Add button. 192.168 = Normal is displayed in the Setting map list.
This means that for clients connecting on the 192.168 subnet, an internal
address is returned.
6. Under MetaFrame server address translation map, enter 192.168.1.101:1494
in the Server address field.
7. In the Translated address field, enter 90.xx.xx.xx:1494.
8. Click Add. In the Translation map list, 192.168.1.101:1494 = 90.xx.xx.xx:1494
is displayed. This means that for clients connecting on the 123.23 subnet, the
Web Interface uses the translated address specified.
9. Click Save to save the changes.
10. Click Apply Changes in the Apply changes page.
CT