I have two seperate servers. 1 is for Citrix which listens on port 443. It has it's own certificate "citrix.domain.com" and I have a exchange server listening on port 443 with it's own certificate "mail.domain.com". This was working great until a citrix tech fix a different problem for us. Now when you try to access "from the outside" the citrix server using citrix.domain.com the mail server answeres and gives an error because the certificate is for the citrix server. I have the firewall config with the fallow NAT
ip nat inside source static tcp "exchange inside IP" 443 interface Ethernet1 443
ip nat inside source static tcp "citrix inside IP" interface Ethernet1
ip nat inside source static tcp "citrix inside IP" 443 "external router IP" 443 extendable
Is this correct?
Citrix Presentation Server 4.0 settings
DMZ = Gateway Direct
The Citrix secure gateway is listening on port 444 while IIS is listening on port 443.