Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1707
  • Last Modified:

Ipad citrix receiver accross cisco anyconnect VPN.

Hi Experts,

      I’m trying to connect their Iphone Ipad to our Xenapp 6 citrix services.
Internally, it’s working fine.. I can open all application available from the citrix receiver. When user are outside the office, they should connect the iphone or ipad to our office network with Anyconnect. I know the vpn on because I can do a remote desktop on the server. (So small on iphone!) When they are VPN connected, the cannot reach the citrix server for an unknown reason. I know the citrix service works across VPN because some users are connected from their laptop and can open the citrix service across VPN.  

Anybody know if I need special setting on my VPN, Citrix, or iphone to get connected properly?

Thanks,
0
C2enterprise
Asked:
C2enterprise
  • 4
  • 2
1 Solution
 
BLipmanCommented:
Are you allowing all ports and protocols across the VPN?  This should work like you are saying...

The way I suggest troubleshooting is using a PC with the XenApp OnlinePlugin (the old PNAgent stuff).  You enter the URL just like in iPad/phone/receiver and it should work via the VPN.  
0
 
C2enterpriseAuthor Commented:
Yes i'm allowing all port /protocol and also removed NAT.
Salesman using laptop can connect to VPN and open Citrix online plugin v12 and it's working fine for them..  but know they bought some Ipad and want them connected too...  :(

On the Iphone, server line, i'm writing http:xenapp as the server name.. ( that works internally)  I also tried the full FQDN http:xenapp.domain.local/citrix/pnagent/config.xml 
still without success..
0
 
C2enterpriseAuthor Commented:
Some people in PS4.5 talk about Secure Gateway for citrix..  but i'm using a single server here...
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
BLipmanCommented:
There are two ways I know of to get this working:

1) use Citrix Secure Gateway to tunnel the XenApp Services Site traffic through the firewall w/ no VPN (CSG is a free add-on that comes with the main Citrix product)

2) use address translation rules in the XA Services Site to make sure the right IP/port combos are provided to the devices.  

I am not sure why the pad would not work when the full client does, are you using SSL on the XA Services Site?
0
 
C2enterpriseAuthor Commented:
Hi there,

Finally, I create another profile without split tunneling for the VPN and it’s working fine now..   I was able to RDP because server name was in ”cache”  2 days later I wasn’t able.. so I conclude about DNS error..    Laptops are already on the domain so they add mydomain.local by default on every query..  Not the Ipad..    Internally, citrix.mydomain.ca was redirect properly..  but vpn connected with split tunneling send DNS query to external DNS server.  Result of unresolved request..

I,m not sure if it’s the best way to do it.. but it’s working and management are happy..

i also post on that tread http://www.brianmadden.com/forums/t/48724.aspx 
0
 
C2enterpriseAuthor Commented:
Alternative method is used.. but probably not optimal method.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now