we have been stuggling with a problem for a few days, we have a citrix XENAPP Farm v 4.7 that contains two servers, plus a citrx web interface server v 5.2.
we have successfully configured our Cisco SSL VPN with SSO to connect to our server farm, however we are unable to access the published applications, the applcations begin to launch but never complete (see attached).
the citrix apps work fine from within the network and via a ipsec vpn. I believe the problem could be caused by missing configuration within the citrix web interface "secure access" I tried configuring gateway direct as an option but then we need to configure STA, so on each xenapp server I have configured the SSL relay settings using the instructions found here. http://support.citrix.com/article/CTX128257
however the gateway direct requires to be pointed to http://fqdn/ctxsta.dll
does this mean that we need to install IIS on the XENApp server or can we configured another server to be the STA.
Or are we heading down the wrong path altogther?
note that while connecting to citrix via the SSL VPN with the monitor open on theASA the IP requesting data from the citrix Farm is the inside interface of the ASA, however the traffic from the XENAPP (applications never get returned) see attached screen shot of ASA monitor.
one other thing to note we have secured the SSL vpn with a wildcard certificate it has been suggected that this is our problem??