Solved

What ports do I need to open between a Citrix Secure Gateway server in our DMZ to our internal network to allow XenDesktop connections?

Posted on 2011-02-17
6
2,054 Views
Last Modified: 2012-05-11
I'm using Citrix Secure Gateway 3.2 and Web Interface 5.4 on a server in the DMZ, with ports 80, 1494, and 2598 open to the XenDesktop 5 DDC server on our internal network. Do I need to have any ports open to the virtual desktops as well? As it is, I get a protocol error when trying to connect to a virtual desktop from the external Web Interface and Event ID 104 in the Citrix Secure Gateway event log:

Log Name:      Citrix Secure Gateway
Source:        Citrix Secure Gateway
Date:          2/17/2011 2:20:32 PM
Event ID:      104
Task Category: (3)
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      sg-svp02
Description:
Incoming Citrix Gateway Protocol upstream data could not be processed.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Citrix Secure Gateway" />
    <EventID Qualifiers="0">104</EventID>
    <Level>2</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-02-17T20:20:32.000000000Z" />
    <EventRecordID>1482</EventRecordID>
    <Channel>Citrix Secure Gateway</Channel>
    <Computer>sg-svp02</Computer>
    <Security />
  </System>
  <EventData>
    <Data>Incoming Citrix Gateway Protocol upstream data could not be processed.</Data>
  </EventData>
</Event>
0
Comment
Question by:ABARKE
6 Comments
 
LVL 3

Expert Comment

by:Sleetish
ID: 34920175
1494.

That's the short answer. More detail is here.

http://support.citrix.com/article/CTX118175
0
 
LVL 6

Assisted Solution

by:Bxoz
Bxoz earned 125 total points
ID: 34920206
Citrix XML TCP-8080
Citrix ICA  TCP-1494
TCP-2598
0
 

Accepted Solution

by:
ABARKE earned 0 total points
ID: 34920662
Thanks for the replies. I ended up getting my network admin to open port 2598 from the SG servers in the DMZ to the individual virtual desktops and it fixed the problem. I though communication would go from the virtual desktops through the DDC, then to the Secure Gateway, but apparently not.
0
 
LVL 6

Expert Comment

by:Bxoz
ID: 34921295
Not very fair play, i give you the right port
0
 

Expert Comment

by:ModernMatt
ID: 34949862
Bxoz,

With respect, your reply didn't explain exactly where to open port 2598 to, which was the substance of the question. Thus, I am going to award it half points.

ModernMatt
Experts Exchange Moderator
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Citrix XenDesktop, gold image, VMware, vSphere.
#Citrix #XenApp #Citrix Scout #Citrix Insight Services #Microsoft VMMAP #Microsoft ADEXPLORE #Microsoft RAMMAP #Microsoft TCPVIEW #Microsoft AUTORUNS #Microsoft PROCESS EXPLORER #Microsoft PROCESS MONITOR
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now