Solved

Port 443 used by exchange but needed for Citrix Secure Gateway

Posted on 2011-03-18
8
1,027 Views
Last Modified: 2012-06-27
Port 443 on our firewall NAT is currently being used by exchange but I need to use 443 for Citrix Secure Gateway. What is the best way to get around this?
0
Comment
Question by:EJC9999
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 4

Accepted Solution

by:
cavp76 earned 167 total points
ID: 35168829
I assume only one public IP address, right? If so, here is a guide on how to change the default port on Citrix Secure Gateway...

HTH
0
 
LVL 14

Expert Comment

by:amichaell
ID: 35168910
Either:

1) Change the CSG port, which will work though isn't advisable as users will have to enter that port whenever they want to connect (e.g. https://citrix.mycompany.com:445).

2) Obtain a second public IP.  Some expense involved.
0
 
LVL 36

Assisted Solution

by:Carl Webster
Carl Webster earned 333 total points
ID: 35168971
cavp76, the writer of that article has a really good sense of humor.

amichaell, what you wrote for #1 is not true.  If you did that on a regular IIS web site that would be true.  But CSG will automatically the port change.
0
 
LVL 14

Expert Comment

by:amichaell
ID: 35168991
Maybe I misunderstood.  If CSG is listening on a port other than 443 wouldn't that port need to be appended to the URL entered in to the browser?
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 36

Assisted Solution

by:Carl Webster
Carl Webster earned 333 total points
ID: 35169339
No because you configure CSG to tell it what port to listen on.  It listens on that port and forwards stuff on the the Web Interface via the STA servers you list (which should be only your ZDCs).

http://support.citrix.com/proddocs/topic/xenapp5fp-w2k3/sg-configuration-inbound-v2.html

Type a listener TCP port number in the TCP Port field. This option is available only when the Monitor all IP addresses option is selected. The Secure Gateway/Secure Gateway Proxy listens for Secure Gateway or client connections on all available IP addresses using the port specified on the server. The default TCP port is 443.
0
 
LVL 1

Author Closing Comment

by:EJC9999
ID: 35201257
I changed the CSG port and IIS port and everything is working great. Carl is right, I did not need to use the port number in the url.

Thanks so much for everyones help.
0
 
LVL 1

Author Comment

by:EJC9999
ID: 35261064
I feel I may have awarded points incorrectly but more importantly posted an incorrect solution. I just got back to this project and noticed that I am having to use the port number at the end of the URL. Nothing has changed and I double checked all settings. I probably posted too quick without fully testing. If I dont use the port number, I go to IIS on my exchange box https://citrix.domain.com but with https://citrix.domain.com:444 I go to WI/CSG.

I thought it worked before without it but I guess I was seeing things.
0
 
LVL 14

Expert Comment

by:amichaell
ID: 35261333
Yep.  If you change a listening service's port then the client, in this case your web browser, needs to communicate over that port rather than the default.  So if you change CSG to listen on 444 then the client needs to pass the URL request appended with 444.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

CITRIX XENAPP 6.5 FARM CUSTOM POLICY - CHANGE MANAGEMENT WINDOW REBOOT SCHEDULE
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now