Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3580
  • Last Modified:

Add a Citrix server to a farm

I installed a second Citrix server and added it to the farm during the install.  When I add a second server to a published desktop on the web interface, it does not work at all anymore.  I have the web interface configured to connect with alternate addressing and I am not sure if this has anything to do with it.  Am I doing something wrong here?  Do I have to do additional configuration besides adding the new server to the list in the published application?
0
mattpayne59
Asked:
mattpayne59
  • 10
  • 8
1 Solution
 
Carl WebsterCommented:
You will need to setup altaddr on the 2nd server also.  Using altaddr is not recommended for reasons such as this.  For each server you add to your farm, you will need to add a public IP address.

Use the FREE Citrix Secure Gateway software and life wiwll be MUCH easier and safer and encrypted.
0
 
mattpayne59Author Commented:
This is the second time you have said something I am doing is wrong.  How difficult is setting up Citrix Secure Gateway?  Does it look any different to the end user?  I believe the installation for that is just on the components CD, right?
0
 
Carl WebsterCommented:
Well not "wrong".  Just not really right from a security and growth aspect.  It is OK for testing and playing around but not production use.

I just wrote another article on implementing CSG at http://www.dabcc.com/Webster .  It is Part 10.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 
mattpayne59Author Commented:
Do I put this on one of the Citrix servers or do I create a new server to host just this?
0
 
Carl WebsterCommented:
It is "best" to put the CSG and WI on a separate server and if possible that server should be in the DMZ.
0
 
mattpayne59Author Commented:
But CSG and WI go on the same server?  And WI installed first, then CSG?  That seems to be the order in your articles.
0
 
Carl WebsterCommented:
Yes, CSG and WI can go on the same server and most people do it that way.  WI first, test it, then CSG and test it.
0
 
mattpayne59Author Commented:
Few more questions... In your guide you have port 80 open to the CSG server.  Does that make sense?  You can bypass the SSL security or am I thinking about this incorrectly?  Shouldnt just 443 be open?

Also, what should I do with internal users?  Do I even need to bother using CSG or can I just set up an internal WI for them to use?  I am talking about the users who are going over private lines from my remote offices into our main office.
0
 
Carl WebsterCommented:
I have port 80 open for the Part 9 test.  Some people open port 80 and then do an SSL redirect so it doesn't matter if the users go to http or https.

Internal users can either go thru the CSG, if you want to make sure their traffic is also encrypted, or create a 2nd site for internal users.  There are docs on the Citrix site for doing that and also on msterminalservices.org (or .com can never remember which).
0
 
mattpayne59Author Commented:
I have one more strange problem with all of this.  When I try to connect from my home pc and my laptop using Citrix Desktop Viewer, I get "The connection to <Name> failed with status (1030)."  However, if I dont use Citrix Desktop Viewer, it connects fine.  Any idea what this is all about?
0
 
mattpayne59Author Commented:
If I use http:// instead of https://, everything works fine.  Is that because it is using the WI instead of CSG?  Any idea what I could have configured wrong here?  I spent a lot of time going over it and everything looks right.
0
 
Carl WebsterCommented:
You got me, I have never used Citrix Desktop Viewer and never heard of it.
0
 
mattpayne59Author Commented:
Have you used any of the new clients?  It installs automatically... I personally dont like it but I have to account for it.  Something just isnt working right with CSG I think.  Right now I have people connecting to just the WI and it seems to be redirecting properly to both Xenapp servers.  I thought CSG was required for this functionality?
0
 
Carl WebsterCommented:
People should be connecting to the FQDN of the CSG, the CSG redirects to the WI and from there to the XenApp servers.

I have only used the web client of the new client version.

0
 
mattpayne59Author Commented:
CSG only applies if https is used, right?  If I just go to http I am going through the WI?  It works fine just using http but as soon as I use https I get all sorts of errors.
0
 
Carl WebsterCommented:
I am on the road until January 19th.  Can you attach screen shots of the https errors?
0
 
mattpayne59Author Commented:
I will attach some screen shots of the errors tonight when I get home.  There is something strange going on here with this whole setup.
0
 
mattpayne59Author Commented:
Ok, so again:

If I go to http://citrixaddress.domain.com, the WI loads, I log in and get my published apps,  When I click on them, it launches properly.

If I go to https://citrixaddress.domain.com, everything is the same until I click on the published apps,  Once I click on the published app, I get this error on the attached file.

Another strange thing is even when I use http://, on some computers I get the following SSL error.  This is fixed just by downloading the latest Microsoft root certificates, but I dont understand why SSL is in play here if it is not https.
citrix-ssl-error.jpg
godaddy-ssl-error.jpg
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 10
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now