Solved

What ports do I need to open between a Citrix Secure Gateway server in our DMZ to our internal network to allow XenDesktop connections?

Posted on 2011-02-17
6
2,058 Views
Last Modified: 2012-05-11
I'm using Citrix Secure Gateway 3.2 and Web Interface 5.4 on a server in the DMZ, with ports 80, 1494, and 2598 open to the XenDesktop 5 DDC server on our internal network. Do I need to have any ports open to the virtual desktops as well? As it is, I get a protocol error when trying to connect to a virtual desktop from the external Web Interface and Event ID 104 in the Citrix Secure Gateway event log:

Log Name:      Citrix Secure Gateway
Source:        Citrix Secure Gateway
Date:          2/17/2011 2:20:32 PM
Event ID:      104
Task Category: (3)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      sg-svp02
Description:
Incoming Citrix Gateway Protocol upstream data could not be processed.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Citrix Secure Gateway" />
    <EventID Qualifiers="0">104</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-02-17T20:20:32.000000000Z" />
    <EventRecordID>1482</EventRecordID>
    <Channel>Citrix Secure Gateway</Channel>
    <Computer>sg-svp02</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Incoming Citrix Gateway Protocol upstream data could not be processed.</Data>
  </EventData>
</Event>
0
Comment
Question by:ABARKE
6 Comments
 
LVL 3

Expert Comment

by:Sleetish
ID: 34920175
1494.

That's the short answer. More detail is here.

http://support.citrix.com/article/CTX118175 
0
 
LVL 6

Assisted Solution

by:Bxoz
Bxoz earned 125 total points
ID: 34920206
Citrix XML TCP-8080
Citrix ICA  TCP-1494
TCP-2598
0
 

Accepted Solution

by:
ABARKE earned 0 total points
ID: 34920662
Thanks for the replies. I ended up getting my network admin to open port 2598 from the SG servers in the DMZ to the individual virtual desktops and it fixed the problem. I though communication would go from the virtual desktops through the DDC, then to the Secure Gateway, but apparently not.
0
 
LVL 6

Expert Comment

by:Bxoz
ID: 34921295
Not very fair play, i give you the right port
0
 

Expert Comment

by:ModernMatt
ID: 34949862
Bxoz,

With respect, your reply didn't explain exactly where to open port 2598 to, which was the substance of the question. Thus, I am going to award it half points.

ModernMatt
Experts Exchange Moderator
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
StoreFront Category View 5 44
Stop Mail Forarding 4 44
Excel 2010 Addin Issue 2 50
Delete a registry key for user with roaming profile 2 50
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
#CITRIX #XENDESKTOP #POC #Citrix Studio
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

930 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now