?
Solved

Your app is not available. Try again later.

Posted on 2012-09-04
22
Medium Priority
?
15,115 Views
Last Modified: 2012-09-11
Hello!

I am setting up a new citrix server with xenapp 6.5. Authentication is working fine and I am able to logon to WI.All my published apps are available here. But when trying to launch I recive the following errormessage: Your app is not available. Try again later.

In eventlog on Xenapp 6.5 server and webserver no errormessages is displayed.

When running qfarm /load on xenapp server load is reported to 0. Then running qfarm /load right after trying to launch a app load is reported to 100. This is normal?
0
Comment
Question by:Oeyhope
  • 12
  • 6
  • 2
  • +2
22 Comments
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 38362950
Do you have hotfix rollup pack 1 installed?

http://support.citrix.com/article/CTX132122

Are you using Storefront?
0
 

Author Comment

by:Oeyhope
ID: 38362951
I do not have any hotfix installed. Will try to install the rollup pack :)

Also not using storefront
0
 

Author Comment

by:Oeyhope
ID: 38362975
Sorry, same problem after hotfix rollup. I have also opened all firewall ports between xenapp server and webinterface. Same problem.
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:Oeyhope
ID: 38363017
Are there any other log files I can check to try to find  where the problem is?
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 38363216
Did you restart the XenApp server after installing the hotfix?

Can you check whether you have properly configured the XML and security ticket authority on the web interface - provide screenshots
0
 
LVL 2

Expert Comment

by:mlwa12144
ID: 38363241
You will get this error whenever the port is blocked. Check for the port 1494 and 2598 port. Telnet from the machine from where you are launching the citrix application:

telnet <ip address of the server on which the application is published> 1494
telnet <ip address of the server on which the application is published> 2598
0
 

Author Comment

by:Oeyhope
ID: 38363425
Mutawadi: Yes i restarted both xenapp server and WI

Attached is screenshots from XML and STA configuration
xml-service.png
sta.png
0
 

Author Comment

by:Oeyhope
ID: 38363434
mlwa12144: I tried to telnet from web interface to xenapp server. Port 1494 responed with ICA in telenet windows. Telnet to port 2598 responded with a black screen. No text. But port is opened in firewall. Attached is my firewall settings between web interface and xenapp server. 192.160.30.20 is webinterface and 192.168.1.95 is xenapp server
citrix-firewall-ports.png
0
 
LVL 23

Assisted Solution

by:Ayman Bakr
Ayman Bakr earned 2000 total points
ID: 38363468
Your STA and XML configuration seem fine - my question would be: is Venus the same as the XenApp server, or web interface server or a separate one?

In the firewall the web interface IP shows 192.168.30.20  - however you said the IP is 192.160.30.20, but I guess the latter is a typo. However you need to note that you need to open those TCP ports 1494, and 2598 on the firewall between the clients and the XenApp servers. So if the clients are not in the same vLAn as the Web Interface then you need to open the ports on the firewall between the clients vLAN and the XenApp vLAN.
0
 

Author Comment

by:Oeyhope
ID: 38363527
Thank you for your response Mutawadi

Venus is my XenApp server :)

Web inteface ip is 192.168.30.20, sorry about the typo. I authenticate using Citrix Access Gateway. This is working fine. So the firewall ports is open correct? Attached is another firewall config from traffic coming outside
firewall-ports.png
0
 

Author Comment

by:Oeyhope
ID: 38363601
I have noticed after installing hotix rollup this error message in eventviewer on xenapp server: An error occurred when processing incoming CGP downstream data.
0
 
LVL 23

Accepted Solution

by:
Ayman Bakr earned 2000 total points
ID: 38363602
If you authenticate using CAG then you need to open TCP port 443 between the clients and CAG and, I believe TCP ports 1494 and 2598, between the CAG and XenApp servers.

But as you are using CAG then ensure that you are using Gateway Direct on the Web Interface. From the previous screenshots, and as you are using CAG, why isn't your CAG URL configured with https?
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 38363635
Processing incoming CGP... downstream data, is a sign that the Maximum Access Gateway Users Allowed is too low on your CAG. Ensure that this value on the CAG matches the number of licenses.
0
 
LVL 23

Expert Comment

by:Ayman Bakr
ID: 38363639
0
 
LVL 19

Expert Comment

by:basraj
ID: 38366667
If you have used NAT in the firewall, then also make sure you also set Gateway translated in the web interface console
0
 
LVL 8

Expert Comment

by:barrykfl
ID: 38366727
Can u configure by pass the CSG if the apps launch sucessfully if no CSG . If so then drill down
to CSG , Aslo would u try IP directry instead of .local ?

Also You see all icons right ? if so right click any of icon and save as *.ica ...use a wordpad to edit it , check the config in details... can the application resolve the right ip and right locations ?

Try edit the wordpad parameter if you think related , save and click it until it laucnh the corresponding apps.
0
 

Author Comment

by:Oeyhope
ID: 38366808
Thank you all for solutions. I will try these solutions when I get back to work in a couple of hours :)
0
 

Author Comment

by:Oeyhope
ID: 38367264
I have tried bypassing the CAG, and same problem exists. So problem must be between xenapp server and webinterface.

Communication between CAG and Xenapp servers are open, since XenApp and internal inteface on CAG are on same network and not behind a firewall.

CAG is also setup at gateway direct. Should work even if CAG is not setup with https?

I am able to logon to webinterface and see icons. Here are a sample of a published notepad app. Only interesting thing here are the SSLProxyHost: citrix.example.com. This url is pointing to my cag. Is this wrong? Should it point to my webserver instead?

[Encoding]
InputEncoding=UTF8

[WFClient]
CPMAllowed=On
ProxyFavorIEConnectionSetting=Yes
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
RemoveICAFile=yes
TransparentKeyPassthrough=Local
TransportReconnectEnabled=Off
VSLAllowed=On
Version=2
VirtualCOMPortEmulation=Off

[ApplicationServers]
Notepad=

[Notepad]
Address=;10;STA77A6F1EF8DC2;F0812E24B691A16B8237C7E2B64FE62C
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
ClearPassword=E42E791A498C50
ClientAudio=On
DesiredColor=8
DesiredHRES=0
DesiredVRES=0
DoNotUseDefaultCSL=On
Domain=\D3A12BD64D00B702
FontSmoothingType=0
HTTPBrowserAddress=!
InitialProgram=#Notepad
LPWD=0
LaunchReference=Yg3nKqDCJR6/Amn9+nYBR9DZzV6C062uXP41jGz23tc=
Launcher=WI
LocHttpBrowserAddress=!
LogonTicket=E42E791A498C50D3A12BD64D00B702
LogonTicketType=CTXS1
LongCommandLine=
NRWD=0
ProxyTimeout=30000
ProxyType=Auto
SFRAllowed=Off
SSLCiphers=all
SSLEnable=On
SSLProxyHost=citrix.example.com:443
SecureChannelProtocol=Detect
SessionsharingKey=-NsYhxgXU56oL2ZZ219PUeN
StartIFDCD=1346838632339
StartSCD=1346838632339
TRWD=0
TWIMode=On
Title=Notepad
TransportDriver=TCP/IP
WinStationDriver=ICA 3.0

[Compress]
DriverNameWin16=pdcompw.dll
DriverNameWin32=pdcompn.dll

[EncRC5-0]
DriverNameWin16=pdc0w.dll
DriverNameWin32=pdc0n.dll

[EncRC5-128]
DriverNameWin16=pdc128w.dll
DriverNameWin32=pdc128n.dll

[EncRC5-40]
DriverNameWin16=pdc40w.dll
DriverNameWin32=pdc40n.dll

[EncRC5-56]
DriverNameWin16=pdc56w.dll
DriverNameWin32=pdc56n.dll

Open in new window

0
 
LVL 8

Expert Comment

by:barrykfl
ID: 38370757
1st thing u can check is off SSLEnable=off ...to make a real direct connecton to your notepad.
of course your should set notepad can accept any kinds of connection. if it work then
change your SSL proxy gateway and test again. something like csg.yourdomain.com:443


http://support.citrix.com/article/CTX115468
0
 

Author Comment

by:Oeyhope
ID: 38371271
After som research on my firewall, I noticed this error shows up everytime I try to open a app on citrix

Deny IP spoof from (203.X.X.X) to 58.X.X.X on interface outside

The 203.X.X.X is my legitimate WAN address for those in the inside network where as 58.X.X.X would refer to the WAN IP for the Citrix web Inteface.
0
 

Assisted Solution

by:Oeyhope
Oeyhope earned 0 total points
ID: 38371958
Problem solved. Solution was to add range for ica access control list in cag. See screenshot Now external and internal users can open apps :)

Now as a last question. How can I have internal users not authenticate using cag? This is only needed for external users
ica-access.png
0
 

Author Closing Comment

by:Oeyhope
ID: 38385999
Solution was to add range for ica access control list in cag. See screenshot Now external and internal users can open apps :)
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After several days of searching and hunting for limited documentation, I wanted to share this guide to hopefully save someone the hassle of trying to figure this out on their own. I have tested this on Xendesktop 7.1 and PS 4.5 running simultaneous…
#Citrix #Citrix Policies #XenDesktop #VDI #POC #Citrix Univeral Printer Driver #Citrix UPD
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses

807 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question