How To Configure External Access To Xenapp 5.0


I'm already installed xenapp 5.0 and installed web interface and configured it .
all application work internally fine .
i assigned public ip for the server and i can ping on public ip
and connect to the server remotely using public ip .

and configured external access based on this explanation :

but i cannot connect the site externally ???
Who is Participating?
Ayman BakrConnect With a Mentor Senior ConsultantCommented:
Yes, you need a certificate from a third party for external access. A good and cheap one is from

The following is a good 3-part article explains how to install WI, CSG and GoDaddy certificate:

Please go through it.
are you running the WI and the Secure gateway in the same server?

can you ping to your FQDN?
natThere is a UI u can config in web interface wizard  : just follow the wizard and OPEN your ip and port NAT in firewall then OK.

Normally U should at least open port 1494 and http:// port 80 and NAT your internal and external ip.
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Ayman BakrSenior ConsultantCommented:
If you are using Citrix Secure Gateway (CSG), you don't need to NAT or open port 1494 from external. You will only need to open port 443 and CSG will handle the rest. Moreover, you will need to setup the Web Interface (WI) secure access setting with Gateway Direct.

Please provide details on the errors you receive, and/or any event IDs on your WI, CSG and XenApp.
CanadianITSAuthor Commented:
Firstly Thanks To Everyone Answered me.
i'm just install citrix and web interface
and configure web interface and create a site and publish application .

and when tried to create external access to citrix just configured all setting that included in the upon link.

@ d1234567 : actually i don't know what is the secure gateway. and i can't ping using FQDN.
@ barrykfl : The ports that you mentioned already opened.
@ Mutawadi : firstly thanks for your efforts with me in citrix from first ask .
Secondly can you tell me how can i using (CSG) ??

This error for web Interface in event viewer :

Site path: C:\inetpub\wwwroot\Citrix\XenApp.

An error occurred while attempting to connect to the server (My Public IP) on port 80. Verify that the Citrix XML Service is running and is using the correct port. If the XML Service is configured to share ports with IIS, verify that IIS is running. This message was reported from the XML Service at address http://My Public IP/scripts/ctxsta.dll. The specified Secure Ticket Authority could not be contacted and will be temporarily removed from the list of active services. [Log ID: 3804cf96]
CanadianITSAuthor Commented:
now i installed (CSG) and configured it .

after installation give me error message for certificate because the certificate founded not for citrix server. certificate error can deny me from connect externally ?
i'm already opened 443 port on citrix and configured secured client access as gateway direct like this explanation :

and still can't connect externally.
i'm try to connect using the name or public ip but i can't connect.
CanadianITSAuthor Commented:
but i think if the problem in certificate the site must open and give me security alarm but in real life the site never open by name or by ip !!!
Ayman BakrSenior ConsultantCommented:
I've seen many errors related to functionality when it boils down to how the certificate and CSG gets installed. It is worth doing right at the first time and see how it goes rather than spend hours and days trying to troubleshoot a problem of which its root cause is unknown.
CanadianITSAuthor Commented:
the explanation in the three parts match my setting exactly. exception The Certificate Setting i haven't Certificate.
and actually i think the problem not from CA.
CanadianITSAuthor Commented:

now i can connect externally but the application don't work ???
If you download the launch.ica means that you don't have receiver installed.,
Try the latest Citrix receiver and also check the below link:

Also what happens when you download the ICA file to your desktop and double-click to launch?
Ayman BakrSenior ConsultantCommented:
Please see this article created on 2003 and updated on 2012 for possible causes for this issue and how to resolve:

As mentioned by basraj, it would be better to go for the latest receiver as this will ensure that it has built in resolution for most of the causes related to this issue.
CanadianITSAuthor Commented:
hello everybody
as i mentioned before when i'm trying to run application from external it's download file name :  

and when i'm trying to run application internally give me error message related by the certificate
" snapshot error attached " 

when i'm configure new certificate . it's assumed to solve internal run application .
and i think but not sure the certificate will solve external run application also .

i'll try it today and feedback you.
Thanks to all.
CanadianITSAuthor Commented:
Hello Every Body
Firstly i'm so sorry about my late.
secondly .. i issued SSL from Go Daddy Finally and configure it to xenapp server.
but when try to connect to the site give me firstly loading page after second translate to Bad Gateway page ??? snapshot to two page in attach.

why the site didn't redirect me to authentication page ???

i'll Close this topic by mark reply number "6" for Mr. Mutawadi as a solution.
and one have answer to new trouble can post it here or in my new ASK:

CanadianITSAuthor Commented:
Thanks For All
I Solved The Last Issue .
The Default Site In IIS was Stopped Because The port 443 was in use so.
I Change the site port to 444 " or any empty port " after that every thing working good.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.