Citrix XenApp AD and firewall configurations
Posted on 2009-12-22
We are now venturing in to Citrix XenApp 5 for Win2k3. We have a disagreement as to which way our firewall should be setup(I am not the fw admin).
Now I have bound the Windows 2003 boxes to AD so that GPO's can apply to the users upon login and so they can gain access to other network resources.
I was then preparing to place ONLY the Web and access gateway box into our DMZ when the firewall admin during implementation stepped up and said no, ALL of the citrix environment must be placed into the DMZ.
The problem with this, is that even though ports have been opened up for the DMZ back to the LAN, I am still having communication issues with the Windows 2003 server box applying the Windows group policy.
So which is the way to go? only the web and access gateway in the DMZ and everything else on the LAN or All servers, for Citrix(XenApp and Access Gateways) in the DMZ?
Please provide me with some links to documented info on the Citrix site.