citrix xenapp 5.0

I currently have a xenapp windows 2003 farm comprised of 3 server.  I have the WI configured on one of the server and have opened up port 1494 and 80 on my firewall/router.  I would like to publish the desktops of the other two servers.  I've created a published application (server desktop) on for the other two servers.  But when I tried to launch the published server desktop I get a: The connection to "SERVER" failed with status (1030).  Can someone please tell me what I'm missing.  Thank you.
HarterAsked:
Who is Participating?
 
Dirk KotteSECommented:
you need port 1494/2598 to all three servers from outside ...
NATing to a single server is not the option to reach 3 servers.
you have to publish the 3 servers with unique external IP-Adresses and set up translation for every one of these servers.

the better option is to use SSL relay (citrix secure gateway)
than you need only one external address to reach the CSG with port 443 (and your password is secured throught the internet ;-) )
the CSG (placed within the DMZ or at your LAN near to your 3 servers -- on top of one server is also possible but not recommended) than relays the requested TCP connections to the right server without any additional translation.
0
 
Sekar ChinnakannuStaff EngineerCommented:
make sure you have opened 2598 port too. Check this citrix article too http://support.citrix.com/article/CTX911130/
0
 
Vijaya Reddy Pinnapa ReddyCommented:
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
basrajCommented:
1. Is it happening for other applications as well? Try to create a test application like notepad and try to launch the application.
2. What is the secure access method that you see in Web interface console? You can find this under Manage secure farm. If NAT is enabled on your network, this is the place where you have mention the internal and external Ip addresses.
3. If you're using Https for URL, then also check if 443 is open.

If still the same problem, please provide us the snapshot of the application properties as well as web interface configuration page. You can erase your company URL or ip address for security reasons.
0
 
Ayman BakrSenior ConsultantCommented:
Can you describe the architecture of your setup.
0
 
barrykflCommented:
Did u lauch using the web interface ? is it ok in intradnet as set before ?

U need set NAT in the  presentation server console .

Try scan your firewall outside if it is really opened ? is it open as outbound ?

server-citrix : 1494 >>> internet ?
server-citrix : 80 >>> internet ?

also try allow any ports form internet connect to the server-citrix:1494
server-citrix:1494  <<<< internet PC any port


opened up port 1494 and 80

Then check NAT did u set or not if though internet. hope help
0
 
Jayanta SarmahCommented:
This is most likely port 2598 is still not open as suggested in the first response by Sekarc4u, you can test this from the workstation commandprompt running the below command:

telnet servername 2598
telnet servername 1494

** replace servername with your server hostname. although the port 1494 is open make sure destination and source are correctly defined etc.
0
 
HarterAuthor Commented:
Thank you all for the great comments and suggestions.  I will try to address all suggestions:
1. by: sekarc4u - port 2598 is opened on the firewall/router.
2. by: elchuru: great articles
3. by: basraj: It is not happening when launching the server desktop application from inside the network only from outside.  All other applications work great internal and external. secure access method is translated.  not using 443 just http.

by: Mutawadi: Three (3) Windows 2003 server Citrix Xenapp 5.0 farm.  All are running Xenapp and WI as they all existed in their own farm.  However I chfarm two (server 2 and 3) and joined them into one (server 1).  Server 1 is using WI translated secured access method.  Ports 1494 and 80 are opened and forwarded to the server 1.
by: barrykfl: yes internally everything works fine.
by: sarmahjay: did a telnet session and everything works fine.
0
 
HarterAuthor Commented:
Unfortunately, still not working from outside the network.
0
 
HarterAuthor Commented:
I opened the two port on my firewall/router and have them forwarding to all three servers and still get the "the connection to "server2" failed with status (1030).
0
 
HarterAuthor Commented:
is it not possible to publish the desktops of multiple server in a single farm? - Does anything need to be configured on the two other servers?
0
 
Dirk KotteSECommented:
sure
0
 
Dirk KotteSECommented:
without CSG:
if you publish "desktop from server 2" the launch.ica file contains the destination-address of the server. with NAT these adress also contains the external address (eg: external-ip2)
if a user click the "desktop server2" the connection is established to the external ip 2 and your NAT-Router/Firewall has to redirect the request to the internal ip of server 2.
0
 
Dirk KotteSECommented:
if you own only one IP you need CSG ... or something like that
0
 
Dirk KotteSECommented:
CSG works like an internal proxy. All traffic are send (tunneld) to this service and the CSG distribute the connections to your internal servers.
0
 
HarterAuthor Commented:
Excellent I will try that and see how it goes.  Thank you all for the great comments and suggestions.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.