How To Configure External Access To Xenapp 5.0

Posted on 2013-05-26
Last Modified: 2013-06-09

I'm already installed xenapp 5.0 and installed web interface and configured it .
all application work internally fine .
i assigned public ip for the server and i can ping on public ip
and connect to the server remotely using public ip .

and configured external access based on this explanation :

but i cannot connect the site externally ???
Question by:CanadianITS
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 4
  • 2
  • +2

Expert Comment

ID: 39198352
are you running the WI and the Secure gateway in the same server?

can you ping to your FQDN?

Expert Comment

ID: 39198404
natThere is a UI u can config in web interface wizard  : just follow the wizard and OPEN your ip and port NAT in firewall then OK.

Normally U should at least open port 1494 and http:// port 80 and NAT your internal and external ip.
LVL 23

Expert Comment

by:Ayman Bakr
ID: 39198615
If you are using Citrix Secure Gateway (CSG), you don't need to NAT or open port 1494 from external. You will only need to open port 443 and CSG will handle the rest. Moreover, you will need to setup the Web Interface (WI) secure access setting with Gateway Direct.

Please provide details on the errors you receive, and/or any event IDs on your WI, CSG and XenApp.
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 39198692
Firstly Thanks To Everyone Answered me.
i'm just install citrix and web interface
and configure web interface and create a site and publish application .

and when tried to create external access to citrix just configured all setting that included in the upon link.

@ d1234567 : actually i don't know what is the secure gateway. and i can't ping using FQDN.
@ barrykfl : The ports that you mentioned already opened.
@ Mutawadi : firstly thanks for your efforts with me in citrix from first ask .
Secondly can you tell me how can i using (CSG) ??

This error for web Interface in event viewer :

Site path: C:\inetpub\wwwroot\Citrix\XenApp.

An error occurred while attempting to connect to the server (My Public IP) on port 80. Verify that the Citrix XML Service is running and is using the correct port. If the XML Service is configured to share ports with IIS, verify that IIS is running. This message was reported from the XML Service at address http://My Public IP/scripts/ctxsta.dll. The specified Secure Ticket Authority could not be contacted and will be temporarily removed from the list of active services. [Log ID: 3804cf96]

Author Comment

ID: 39198852
now i installed (CSG) and configured it .

after installation give me error message for certificate because the certificate founded not for citrix server. certificate error can deny me from connect externally ?
i'm already opened 443 port on citrix and configured secured client access as gateway direct like this explanation :

and still can't connect externally.
i'm try to connect using the name or public ip but i can't connect.
LVL 23

Accepted Solution

Ayman Bakr earned 500 total points
ID: 39198970
Yes, you need a certificate from a third party for external access. A good and cheap one is from

The following is a good 3-part article explains how to install WI, CSG and GoDaddy certificate:

Please go through it.

Author Comment

ID: 39198980
but i think if the problem in certificate the site must open and give me security alarm but in real life the site never open by name or by ip !!!
LVL 23

Expert Comment

by:Ayman Bakr
ID: 39198998
I've seen many errors related to functionality when it boils down to how the certificate and CSG gets installed. It is worth doing right at the first time and see how it goes rather than spend hours and days trying to troubleshoot a problem of which its root cause is unknown.

Author Comment

ID: 39199008
the explanation in the three parts match my setting exactly. exception The Certificate Setting i haven't Certificate.
and actually i think the problem not from CA.

Author Comment

ID: 39199221

now i can connect externally but the application don't work ???

Expert Comment

ID: 39199431
If you download the launch.ica means that you don't have receiver installed.,
LVL 19

Expert Comment

ID: 39200044
Try the latest Citrix receiver and also check the below link:

Also what happens when you download the ICA file to your desktop and double-click to launch?
LVL 23

Expert Comment

by:Ayman Bakr
ID: 39200281
Please see this article created on 2003 and updated on 2012 for possible causes for this issue and how to resolve:

As mentioned by basraj, it would be better to go for the latest receiver as this will ensure that it has built in resolution for most of the causes related to this issue.

Author Comment

ID: 39200869
hello everybody
as i mentioned before when i'm trying to run application from external it's download file name :  

and when i'm trying to run application internally give me error message related by the certificate
" snapshot error attached " 

when i'm configure new certificate . it's assumed to solve internal run application .
and i think but not sure the certificate will solve external run application also .

i'll try it today and feedback you.
Thanks to all.

Author Comment

ID: 39232636
Hello Every Body
Firstly i'm so sorry about my late.
secondly .. i issued SSL from Go Daddy Finally and configure it to xenapp server.
but when try to connect to the site give me firstly loading page after second translate to Bad Gateway page ??? snapshot to two page in attach.

why the site didn't redirect me to authentication page ???

i'll Close this topic by mark reply number "6" for Mr. Mutawadi as a solution.
and one have answer to new trouble can post it here or in my new ASK:


Author Comment

ID: 39232677
Thanks For All
I Solved The Last Issue .
The Default Site In IIS was Stopped Because The port 443 was in use so.
I Change the site port to 444 " or any empty port " after that every thing working good.


Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
Will try to explain how to use the VMware feature TAGs in the VMs and create Veeam Backup Jobs using TAGs. Since this article is too long, I will create second article for the Veeam tasks.
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO‚Ķ
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question