Solved

How To Configure External Access To Xenapp 5.0

Posted on 2013-05-26
16
483 Views
Last Modified: 2013-06-09
Hello EVERYBODY

I'm already installed xenapp 5.0 and installed web interface and configured it .
all application work internally fine .
i assigned public ip for the server and i can ping on public ip
and connect to the server remotely using public ip .

and configured external access based on this explanation :
http://aaronwalrath.wordpress.com/2010/04/19/installing-citrix-secure-gateway-and-web-interface-xenapp-6/5/

but i cannot connect the site externally ???
0
Comment
Question by:CanadianITS
  • 8
  • 4
  • 2
  • +2
16 Comments
 
LVL 1

Expert Comment

by:d1234567
Comment Utility
are you running the WI and the Secure gateway in the same server?

can you ping to your FQDN?
0
 
LVL 8

Expert Comment

by:barrykfl
Comment Utility
natThere is a UI u can config in web interface wizard  : just follow the wizard and OPEN your ip and port NAT in firewall then OK.

http://support.citrix.com/article/html/images/CTX127723-9.gif

Normally U should at least open port 1494 and http:// port 80 and NAT your internal and external ip.
0
 
LVL 23

Expert Comment

by:Ayman Bakr
Comment Utility
If you are using Citrix Secure Gateway (CSG), you don't need to NAT or open port 1494 from external. You will only need to open port 443 and CSG will handle the rest. Moreover, you will need to setup the Web Interface (WI) secure access setting with Gateway Direct.

Please provide details on the errors you receive, and/or any event IDs on your WI, CSG and XenApp.
0
 

Author Comment

by:CanadianITS
Comment Utility
Hello
Firstly Thanks To Everyone Answered me.
i'm just install citrix and web interface
and configure web interface and create a site and publish application .

and when tried to create external access to citrix just configured all setting that included in the upon link.

@ d1234567 : actually i don't know what is the secure gateway. and i can't ping using FQDN.
@ barrykfl : The ports that you mentioned already opened.
@ Mutawadi : firstly thanks for your efforts with me in citrix from first ask .
Secondly can you tell me how can i using (CSG) ??

This error for web Interface in event viewer :

Site path: C:\inetpub\wwwroot\Citrix\XenApp.

An error occurred while attempting to connect to the server (My Public IP) on port 80. Verify that the Citrix XML Service is running and is using the correct port. If the XML Service is configured to share ports with IIS, verify that IIS is running. This message was reported from the XML Service at address http://My Public IP/scripts/ctxsta.dll. The specified Secure Ticket Authority could not be contacted and will be temporarily removed from the list of active services. [Log ID: 3804cf96]
0
 

Author Comment

by:CanadianITS
Comment Utility
now i installed (CSG) and configured it .

after installation give me error message for certificate because the certificate founded not for citrix server. certificate error can deny me from connect externally ?
i'm already opened 443 port on citrix and configured secured client access as gateway direct like this explanation :
 
http://aaronwalrath.wordpress.com/2010/04/19/installing-citrix-secure-gateway-and-web-interface-xenapp-6/5/

and still can't connect externally.
i'm try to connect using the name or public ip but i can't connect.
Untitled3.png
0
 
LVL 23

Accepted Solution

by:
Ayman Bakr earned 500 total points
Comment Utility
Yes, you need a certificate from a third party for external access. A good and cheap one is from GoDaddy.com.

The following is a good 3-part article explains how to install WI, CSG and GoDaddy certificate:
http://www.dabcc.com/article.aspx?id=10101

Please go through it.
0
 

Author Comment

by:CanadianITS
Comment Utility
but i think if the problem in certificate the site must open and give me security alarm but in real life the site never open by name or by ip !!!
0
 
LVL 23

Expert Comment

by:Ayman Bakr
Comment Utility
I've seen many errors related to functionality when it boils down to how the certificate and CSG gets installed. It is worth doing right at the first time and see how it goes rather than spend hours and days trying to troubleshoot a problem of which its root cause is unknown.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 

Author Comment

by:CanadianITS
Comment Utility
the explanation in the three parts match my setting exactly. exception The Certificate Setting i haven't Certificate.
and actually i think the problem not from CA.
0
 

Author Comment

by:CanadianITS
Comment Utility
hello

now i can connect externally but the application don't work ???
WHEN I'M TRYING TO RUN APPLICATION DON'T RUN AND DOWNLOAD FILE " LANUCH.ICA" ???
0
 
LVL 1

Expert Comment

by:d1234567
Comment Utility
If you download the launch.ica means that you don't have receiver installed.,
0
 
LVL 19

Expert Comment

by:basraj
Comment Utility
Try the latest Citrix receiver and also check the below link:

http://support.citrix.com/article/CTX804493

Also what happens when you download the ICA file to your desktop and double-click to launch?
0
 
LVL 23

Expert Comment

by:Ayman Bakr
Comment Utility
Please see this article created on 2003 and updated on 2012 for possible causes for this issue and how to resolve:
http://support.citrix.com/article/CTX804493

As mentioned by basraj, it would be better to go for the latest receiver as this will ensure that it has built in resolution for most of the causes related to this issue.
0
 

Author Comment

by:CanadianITS
Comment Utility
hello everybody
as i mentioned before when i'm trying to run application from external it's download file name :  
" LANUCH.ICA"

and when i'm trying to run application internally give me error message related by the certificate
" snapshot error attached "

when i'm configure new certificate . it's assumed to solve internal run application .
and i think but not sure the certificate will solve external run application also .

i'll try it today and feedback you.
Thanks to all.
Untitled4.png
0
 

Author Comment

by:CanadianITS
Comment Utility
Hello Every Body
Firstly i'm so sorry about my late.
secondly .. i issued SSL from Go Daddy Finally and configure it to xenapp server.
but when try to connect to the site give me firstly loading page after second translate to Bad Gateway page ??? snapshot to two page in attach.

why the site didn't redirect me to authentication page ???

i'll Close this topic by mark reply number "6" for Mr. Mutawadi as a solution.
and one have answer to new trouble can post it here or in my new ASK:
http://www.experts-exchange.com/Software/System_Utilities/Remote_Access/Citrix/Q_28151974.html

Thanks.
0
 

Author Comment

by:CanadianITS
Comment Utility
Thanks For All
I Solved The Last Issue .
The Default Site In IIS was Stopped Because The port 443 was in use so.
I Change the site port to 444 " or any empty port " after that every thing working good.

Thanks.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

This article is an update and follow-up of my previous article:   Storage 101: common concepts in the IT enterprise storage This time, I expand on more frequently used storage concepts.
Veeam Backup & Replication has added a new integration – Veeam Backup for Microsoft Office 365.  In this blog, we will discuss how you can benefit from Office 365 email backup with the Veeam’s new product and try to shed some light on the needs and …
In this video tutorial I show you the main steps to install and configure  a VMware ESXi6.0 server. The video has my comments as text on the screen and you can pause anytime when needed. Hope this will be helpful. Verify that your hardware and BIO…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now