avidmedical
asked on
How is a citrix alternate address (altaddr) used?
How is this alt address used by the presentation server or by the client attempting to connect? Is it sometimes assigned to the web interface server versus the presentation server? Senarios? The admin guides says it is "the alternate address returned to clients that request it and is used to access a server that is behind a firewall". What does "returned to clients" mean, and why would you use an alt addr and where? Can't the firewall just do port or address translation and translate to the web i/f server directly to its non-alt address? Thanks.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I just answered ONE of my own questions by reading the "Establishing a secure connection to a server farm" on p.25 of the Secure Gateway for Windows Admin Guide.....the question about returning the ip address to the client. I'm now reading the "Managing Secure Client Access" part of the Web Interface Admin guide (so many guides!) which talks about editing the various settings for DMZ, Translations, etc. HOWEVER, an example would still be extremely helpful. They don't include one, or tell you how it all fits together. Thank you.
ASKER
Sorry...i was typing my message while you were typing yours.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Here's the bottom line of what i'm trying to understand: say you have a translating firewall at the edge, you have CSG and WI (or maybe just WI) in the DMZ, and XenApp servers on the production side of the internal firewall--which firewall is probably also translating. How do you then configure the the WI / web site / Configure Secure Client Access area, in terms of Edit DMZ settings, Edit Translation mapping, and/or Edit Secure Gateway? I'm trying to understand what you are adding, in general, for what situation (not asking you to give me all possible scenarios). When in DMZ Settings, you click "add", and you have a dialog box that says "Client IP address, Mask, and Access Method...Direct, Alternate, Translated, SG Direct, SG Alternat, or SC Translated". What Client IP Address? and in Edit Address Translations, you click "add", and you have "Client route translated, Gateway route translated, or Client and Gateway route translated", and then internal ip/port and external/ip port. Why would WI care about the translation occuring at the edge or internal firewall? If you would be so kind, could you pick a senario with an Internet client, Edge firewall, DMZ with CSG / WI, internal firewall, production citrix servers, and tell me what i'd configure where? Just a simple example? :-) Thank you very much for helping me.