Solved

Ipad citrix receiver accross  cisco anyconnect VPN.

Posted on 2011-02-11
6
1,638 Views
Last Modified: 2012-05-11
Hi Experts,

      I’m trying to connect their Iphone Ipad to our Xenapp 6 citrix services.
Internally, it’s working fine.. I can open all application available from the citrix receiver. When user are outside the office, they should connect the iphone or ipad to our office network with Anyconnect. I know the vpn on because I can do a remote desktop on the server. (So small on iphone!) When they are VPN connected, the cannot reach the citrix server for an unknown reason. I know the citrix service works across VPN because some users are connected from their laptop and can open the citrix service across VPN.  

Anybody know if I need special setting on my VPN, Citrix, or iphone to get connected properly?

Thanks,
0
Comment
Question by:C2enterprise
  • 4
  • 2
6 Comments
 
LVL 19

Expert Comment

by:BLipman
ID: 34875127
Are you allowing all ports and protocols across the VPN?  This should work like you are saying...

The way I suggest troubleshooting is using a PC with the XenApp OnlinePlugin (the old PNAgent stuff).  You enter the URL just like in iPad/phone/receiver and it should work via the VPN.  
0
 

Author Comment

by:C2enterprise
ID: 34875160
Yes i'm allowing all port /protocol and also removed NAT.
Salesman using laptop can connect to VPN and open Citrix online plugin v12 and it's working fine for them..  but know they bought some Ipad and want them connected too...  :(

On the Iphone, server line, i'm writing http:xenapp as the server name.. ( that works internally)  I also tried the full FQDN http:xenapp.domain.local/citrix/pnagent/config.xml
still without success..
0
 

Author Comment

by:C2enterprise
ID: 34875164
Some people in PS4.5 talk about Secure Gateway for citrix..  but i'm using a single server here...
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 19

Expert Comment

by:BLipman
ID: 34875894
There are two ways I know of to get this working:

1) use Citrix Secure Gateway to tunnel the XenApp Services Site traffic through the firewall w/ no VPN (CSG is a free add-on that comes with the main Citrix product)

2) use address translation rules in the XA Services Site to make sure the right IP/port combos are provided to the devices.  

I am not sure why the pad would not work when the full client does, are you using SSL on the XA Services Site?
0
 

Accepted Solution

by:
C2enterprise earned 0 total points
ID: 34916220
Hi there,

Finally, I create another profile without split tunneling for the VPN and it’s working fine now..   I was able to RDP because server name was in ”cache”  2 days later I wasn’t able.. so I conclude about DNS error..    Laptops are already on the domain so they add mydomain.local by default on every query..  Not the Ipad..    Internally, citrix.mydomain.ca was redirect properly..  but vpn connected with split tunneling send DNS query to external DNS server.  Result of unresolved request..

I,m not sure if it’s the best way to do it.. but it’s working and management are happy..

i also post on that tread http://www.brianmadden.com/forums/t/48724.aspx
0
 

Author Closing Comment

by:C2enterprise
ID: 34986555
Alternative method is used.. but probably not optimal method.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now