Solved

Ipad citrix receiver accross  cisco anyconnect VPN.

Posted on 2011-02-11
6
1,656 Views
Last Modified: 2012-05-11
Hi Experts,

      I’m trying to connect their Iphone Ipad to our Xenapp 6 citrix services.
Internally, it’s working fine.. I can open all application available from the citrix receiver. When user are outside the office, they should connect the iphone or ipad to our office network with Anyconnect. I know the vpn on because I can do a remote desktop on the server. (So small on iphone!) When they are VPN connected, the cannot reach the citrix server for an unknown reason. I know the citrix service works across VPN because some users are connected from their laptop and can open the citrix service across VPN.  

Anybody know if I need special setting on my VPN, Citrix, or iphone to get connected properly?

Thanks,
0
Comment
Question by:C2enterprise
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 19

Expert Comment

by:BLipman
ID: 34875127
Are you allowing all ports and protocols across the VPN?  This should work like you are saying...

The way I suggest troubleshooting is using a PC with the XenApp OnlinePlugin (the old PNAgent stuff).  You enter the URL just like in iPad/phone/receiver and it should work via the VPN.  
0
 

Author Comment

by:C2enterprise
ID: 34875160
Yes i'm allowing all port /protocol and also removed NAT.
Salesman using laptop can connect to VPN and open Citrix online plugin v12 and it's working fine for them..  but know they bought some Ipad and want them connected too...  :(

On the Iphone, server line, i'm writing http:xenapp as the server name.. ( that works internally)  I also tried the full FQDN http:xenapp.domain.local/citrix/pnagent/config.xml 
still without success..
0
 

Author Comment

by:C2enterprise
ID: 34875164
Some people in PS4.5 talk about Secure Gateway for citrix..  but i'm using a single server here...
0
Is your NGFW recommended by NSS Labs?

Ours is! NSS Labs Next Generation Firewall Test gives the WatchGuard Firebox M4600 a "Recommended" rating! Curious where your NGFW landed on the  Security Value Map? See the map and download the full report today!

 
LVL 19

Expert Comment

by:BLipman
ID: 34875894
There are two ways I know of to get this working:

1) use Citrix Secure Gateway to tunnel the XenApp Services Site traffic through the firewall w/ no VPN (CSG is a free add-on that comes with the main Citrix product)

2) use address translation rules in the XA Services Site to make sure the right IP/port combos are provided to the devices.  

I am not sure why the pad would not work when the full client does, are you using SSL on the XA Services Site?
0
 

Accepted Solution

by:
C2enterprise earned 0 total points
ID: 34916220
Hi there,

Finally, I create another profile without split tunneling for the VPN and it’s working fine now..   I was able to RDP because server name was in ”cache”  2 days later I wasn’t able.. so I conclude about DNS error..    Laptops are already on the domain so they add mydomain.local by default on every query..  Not the Ipad..    Internally, citrix.mydomain.ca was redirect properly..  but vpn connected with split tunneling send DNS query to external DNS server.  Result of unresolved request..

I,m not sure if it’s the best way to do it.. but it’s working and management are happy..

i also post on that tread http://www.brianmadden.com/forums/t/48724.aspx 
0
 

Author Closing Comment

by:C2enterprise
ID: 34986555
Alternative method is used.. but probably not optimal method.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question