anupam1983
asked on
Firewall ports on DMZ
Hi Eperts,
could you please tell me which are the ports need to open on firewall in my dmz setup for citrix farm. Our users will be accessing applications through Web interface 5.1.1 and Secure Gateway 3.1, server hosting the WI nd SG will be on DMZ.
So tell me which port no. on which firewall need to open. If we could categoris first firewall and 2nd firewall. First firewall is from the public end.
Thanks in advance.
could you please tell me which are the ports need to open on firewall in my dmz setup for citrix farm. Our users will be accessing applications through Web interface 5.1.1 and Secure Gateway 3.1, server hosting the WI nd SG will be on DMZ.
So tell me which port no. on which firewall need to open. If we could categoris first firewall and 2nd firewall. First firewall is from the public end.
Thanks in advance.
ASKER
Hi Amichaell,
thanks for your replpy, i would like to confirm that we are using HTTPS so we need to open 443 only from internet to DMZ. And we are using XML service port 8080 so do we need to open only 1494/2598 and 8080 from DMZ to private network. I would like to confirm that we don't need to open port 80 on either way. Just confirm.
thanks for your replpy, i would like to confirm that we are using HTTPS so we need to open 443 only from internet to DMZ. And we are using XML service port 8080 so do we need to open only 1494/2598 and 8080 from DMZ to private network. I would like to confirm that we don't need to open port 80 on either way. Just confirm.
ASKER
Hi,
one more doubt don't we need to open 443 port from DMZ to private network.
one more doubt don't we need to open 443 port from DMZ to private network.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
2598 = Session Reliability
80 = HTTP
443= HTTPS
You'll need to allow HTTP/HTTPS (whichever you are using...hopefully HTTPS) from the Internet to the CSG/WI server in your DMZ. You'll need to allow 80 and 1494/2598 (depending upon whether you use Session Reliability) from your DMZ to private network.
http://www.msterminalservices.org/articles/Install-Configure-Citrix-Web-Interface-Secure-Gateway-Part1.html
and
http://www.msterminalservices.org/articles/Install-Configure-Citrix-Web-Interface-Secure-Gateway-Part2.html