Solved

Users are having issues connecting to Citrix, not sure if I need to update or upgrade my Citrix environment.

Posted on 2010-08-19
11
2,716 Views
Last Modified: 2013-11-11
Hello,

I installed Citrix XenApp Server 5.0 back in 2008 and as you can imagine my environment has grown, so more of my physicians are accessing Citrix. I have a couple of apps, but one important application which is our EMR application that our doctors need to access from home, hospitals and now iphone/ipad. I'm trying to achieve a secure outside connection into our EMR application server, but my current Citrix solution is inconsistant and unreliable. I feel I may have neglected some important features, steps, hotfixes or maybe all.  I also need to make the iphone/ipad receiver work. Not sure what I'll need to get this done???? I also looked into Dazzel, but not sure if I need to update my Citrix hardware and software.  

The biggest error I get is when the physician connects to our citrix site and then selects application they sometimes get a connection error.

Another example error is when physicians connect using their mac they are able to connect to site URL, however when they select application it doesn't bring up the application (like it's thinking) until they hit the application icon once again, but then they get an error stating that there is another instance running. It will work once they close the other instance, but it's a hassle.

Honestly, I don't know where to begin troubleshooting. The physician's are using Citrix ICA Client 10.00.603. Their OS range from XP Pro, Vista, Windows 7 and now MACs. I've tried to download new client and it gets worse for some users, so I kept the old ica client. They use IE7 and 8 for the most part, but I've tested also tested mozilla and I sometimes get the same issue connection error.

I'd like to know any recommendations for any hotfixes or upgrades to any of my current settings. Should I upgrade to version 6.0 and redo all my servers? It hasn't been very long since I initially installed, so I'll have to explain to my boss why I need more money.  I just hesitate cause I'm working with a budget. At this point I don't really know which direction to go, so any advice/help is greatly appreciated. i'm hoping an Expert can look at my settings and see something I don't see.

Thanks so much and I wish I could provide more points on this issue.




This is my current environment;

Server #1 Server 2008 Std 64bit - is the Data Collector that runs my apps, it also has the application (EMR) installed with terminal server that configured and listed on my Citrix XenApp
Not a DC, however in my domain (RAPA.local)
Server #2 Server 2003 Std 32bit - Citrix Web Interface and Citrix Secure Gateway
Not a DC, however in my domain (RAPA.local)

I do not have PNAgent installed and I'm not sure if I need this, but it's listed as another site????

Citrix Web Interface Version: 5.0.1.29110
Citrix Secure Gateway: 3.1
IIS V6.0
IIS Site: Default Web Site
Path: /Citrix/XenApp
Set as the default page for the IIS site
Web Interface Secure Client Access Settings
Name: https://Citrix.myrapadocs.com444/Citrix/XenApp
Configuration Source: Local File
Technology: ASP
Version: 5.0
Authentication Point: Web Interface
URL: Same as name
Gateway Direct/Non translating firewalls
Access Management Version: 3.0
Manage server farms
Name: RAPA CITRIX       
XML port: 8080      
XMLtransport: HTTP
SSL Relay port: None      
Servers: WINCITRIX
Advance Farm Settings: Socket Pooling enabled for improve performance for SSL connections
Socket Timeout: 1 Min                  
Attempts made to contact the XML Service: 5 Min
Authentication Method: Explicit
Manage Session Preferences
General Settings:
User Customizations: Disable kiosk mode (keep user customizations)
User preferences: Display preference button to users is unchecked
Web Sessions timeout: 10 Minutes
Remote Connection
Connection Performance: All unchecked (Greyed Out)
Enable bandwidth control
Allow users to customize color depth
Allow users to customize audio quality
Allow users to customize printer mapping

Display: Allow user to customize window size (checked and greyed out)
       Allow font smooting
Local Resources

Keyboard: In Full screen mode only
PDA Settings: Disable
Special Folder Redirection: Unchecked and greyed out

Client Name: Web Interface should override client name (checked)

Manage Workspace Control: Disable
Automatic Reconnection During Logon
Reconnect Button
Log Off

Managed Access Method: Persistent URLs: unchecked Allow users to access published resources using browser bookmarks



Thanks so much.

nimdatx










 Access Management
0
Comment
Question by:nimdatx
  • 5
  • 4
  • 2
11 Comments
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
Pic on Client Access
Secure-Client-Access.jpg
0
 
LVL 11

Expert Comment

by:AdamBNYC
Comment Utility
There are many things that come to mind here and unfortunately, It would seem that you may need a Platinum Citrix Partner to assist in the redesign of this farm. Few things to start with

1 - How many concurrent users are connecting to this farm?
2 - You only seem to have a single XenApp server. This is a single point of failure
3 - I'd very much like to recommend a Netscaler with Citrix Access Gateway Enterprise
4 - Ipad, Iphone access is not that difficult to configure, but you need to solve your existing issues before we even start thinking about that.
5 - Is your secure gateway sitting in a DMZ or is it in the LAN?
6 - PNagent is not needed for you at this time, But will play a part in ipad access.
7- make sure you're at the latest updates and hotfixes for Citrix.
8 - Going to XenApp 6 will not solve architecture issues. Lets concentrate on fixing what you already have.
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
Perfect!!!!

1 - How many concurrent users are connecting to this farm?

At this time we have 10-15 concurrent users, however I will soon have 25-30 users.

2 - You only seem to have a single XenApp server. This is a single point of failure

I see that I do have a single point of failure, but unless this is a free add-on (Netscaler with Citrix Access Gateway) then I'll be told to make what I have work first.

3 - I'd very much like to recommend a Netscaler with Citrix Access Gateway Enterprise

I will look into that.

4 - Ipad, Iphone access is not that difficult to configure, but you need to solve your existing issues before we even start thinking about that.


5 - Is your secure gateway sitting in a DMZ or is it in the LAN?

DMZ and works, however need to reboot sometimes.

6 - PNagent is not needed for you at this time, But will play a part in ipad access.

iPad will need to be able to access our apps. Please my other ticket I opened up on this issue.

7- make sure you're at the latest updates and hotfixes for Citrix.

How do I manage my updates and hotfixes. I'm lost on this one, cause I do not see anything on my access management console. How do I know which are critical and which I need to install.

8 - Going to XenApp 6 will not solve architecture issues. Lets concentrate on fixing what you already have.
That's what i like to hear.
0
 
LVL 11

Expert Comment

by:AdamBNYC
Comment Utility
Considering its been some time since you upgraded this environment. I am going to go on the assumption that your not upgraded to the latest and greatest. There are a few components which would require the upgrade.

1 - Web interface should be upgraded. In the snapshot you are showing the web interface management in the access management console. It was moved out sometime ago. You may be on web interface version 4.6 - maybe 5.0. Your going to want to upgrade this. You can find out the version number by clicking on the web interface in the AMC and it should show you to the right what version you are running.

2 - Also, check hotfix management tab. If it shows nothing, then you have never applied an update to the farm. You should upgrade this as well.

All updates can be found at either support.citrix.com for the hotfixes
Download.citrix.com for the new web interface pieces. Word of caution on the web interface. If your current one looks red and white, Citrix completely redid the look and feel and its now blue and black. Might throw your users off at first. A newer web interface will be required for ipad access.

3 - Also depending on the workload of your users, you might want to start thinking about additional power after we get all this sorted. Depending on your ERM app and your rate of user growth, the single server will become more of an issue.  
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
I'm sorry, I kinda listed too much info on my initial post and is kinda hard to read. My Citrix Web Interface Version is 5.0.1.29110
Citrix Secure Gateway: 3.1
IIS V6.0

Do you have any how-to's on upgrading WI and other components I need to upgrade? How simple is the upgrade?

You mentioned that the reason why I do not see any recommended hotfixes within my Access Management console is because I have not installed any hotfixes in the past, so I want to make sure I understand what it is I need to do to ensure I'm prompted to install the hotfixes/updates I need. How do I start the hotfixes install/
Is it ok that I have Server 2008 and Server 2003 on the same citrix environment?

What order should I start with this issue?

Step #1: Update WI from 5.0.1.29110 to current version
How-to ?

Step #2: Upgrade Secure gateway
How-to?

Step #3: Updates/ hotfixes
How-to?

Step #4: Plan on backup
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 11

Accepted Solution

by:
AdamBNYC earned 450 total points
Comment Utility
1 - http://support.citrix.com/proddocs/topic/web-interface-hardwick/wi-upgrade-existing-installation-gransden.html
2- Secure Gateway is at its latest version. FYI, SG is end of life.
3 - http://support.citrix.com/product/xa/v5.0_2008/hotfix/x64/         - xenapp hotfixes. Simply download and execute

BTW, Citrix does have some fantastic info on all of this at support.citrix.com. You can enter just about anything and come up with the doc for how to do it.
0
 
LVL 11

Expert Comment

by:AdamBNYC
Comment Utility
Server 2003 and 2008 in the same environment is ok. But NOT server 2008 r2. That would be xenapp 6 which needs to be in its own farm.
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
Last question....what do you mean SG is end of life, why and what do you recommend I do?

With my current Citrix environment, do I need any additional appliances, upgrades in order to get iPhone and iPad to work with XenApp 5.0 and your suggested upgrades to WI and CSG?

Thanks so much.
0
 
LVL 7

Assisted Solution

by:dnsguru44
dnsguru44 earned 50 total points
Comment Utility
Just wanted to give give me .02 cents and completely agree with AdamBNYC.  Upgrading will not solve the issues you are experiencing as far as latency and connectivity issues.  As Adam stated, the focus should definitely be on the architecture, for example are you using SQL or SQL Express for your Data Store?  If not, this will make a huge difference in speed.  Also, having your Apps installed on the same server that hosts the Data Store will cause you all kinds of pain.  

If you can get the budget for another server, I recommend installing XenServer and creating VM's to host the Data Store and Web Interface and load balance your Apps against the two physical boxes.
0
 
LVL 1

Author Comment

by:nimdatx
Comment Utility
dnsguru,

You mentioned that installing apps on the same server that host the Data Store is not good, so help me understand why? When you say Data Store you do mean XenApp 5.0? I thought that in order to run XenApp 5.0 you needed Terminal Server and to load all apps on the XenApp Server.

Thanks,

nimdatx
0
 
LVL 7

Expert Comment

by:dnsguru44
Comment Utility
nimdatx -

My apologies for not elaborating...

It most definitely can be done, however there are a couple of things to consider:

1.  If the data store crashes this server due to a sql error, heavy load, etc, it will bring the app server down and vice versa.  A XenApp server will continue to function if it loses connectivity with the data store
2.  Having the data store on a separate server will increase the overall speed of your farm.
0

Featured Post

NetScaler Deployment Guides and Resources

Citrix NetScaler is certified to support many of the most commonly deployed enterprise applications. Deployment guides provide in-depth recommendations on configuring NetScaler to meet specific application requirements.

Join & Write a Comment

Suggested Solutions

It Is not possible to enable LLDP in vSwitch(at least is not supported by VMware), so in this article we will enable this, and also go trough how to enabled CDP and how to get this information in vSwitches and also in vDS.
This is an issue that we can get adding / removing permissions in the vCSA 6.0. We can also have issues searching for users / groups in the AD (using your identify sources). This is how one of the ways to handle this issues and fix it.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now