Citrix Metaframe server Connectivity across a firewall

This is Citrix Metaframe XP 1.3 (2003) server which has been and is still working fine. Yesterday, we connected to a new Internet provider, and thus modified the firewall configuration so that old external IP for Citrix server is replaced by the new external IP. (This is SonicWall; we updated Net Policies and Access Rules.)

I also ran ALDADDR /SET command on Citrix server to change old external IP with new.

From outside the firewall, I can telnet to port 1494 at the new external IP of Citrix server but applications don't show up when Client is launched. Firewall shows some TCP Citrix traffic passing thru but no UDP Citrix traffic.

From my past experierence at other companies, I know that a ICA file specifies TcpBrowserAddress in [WFClient] section, but at this company -- where I am new -- no ICA file was in use. I cannot find such a file on the Citrix server or on the client that was connecting before. (Users connect to the server and then are shown a few folders, each of which contain a group of applications.)

What else needs to be updated/changed on Citrix server (or client?) so users can connect to it at the new IP address? (Internal users obviously have no issues.) Thanks so much.


AK
LVL 3
AkulshAsked:
Who is Participating?
 
Tony JLead Technical ArchitectCommented:
And from a client can you telnet onto the MF server on TCP 1494?

Have you checked any other ports?

http://support.citrix.com/article/ctx184502
0
 
Tony JLead Technical ArchitectCommented:
What are the users using to connect to the MF servers? An old Program Neighbourhood?

Is it possible they have the public IP address hard-coded into the ICA browser address box (now I'm going from memory there and it's been a long time so it might be called soment slightly different).
0
 
AkulshAuthor Commented:
Yes, they are using Program Neighborhood.

How can IP address be hard coded in that client? We have also tried from a new workstation. Same results, so that is not likely the case.

Any other idea. Thanks.
0
The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

 
Tony JLead Technical ArchitectCommented:
Ah here we go. Dug out some old instructions:

Click Server Location

Deselect Use Default

Click Add

Add a Citrix server by name (if in DNS) or IP address*

Click OK

*Are you using a public DNS and has it propagated yet with with the new IP?
0
 
AkulshAuthor Commented:
We specify IP of the firewall in Citrix Client, which gets redirected to the Citrix server by the firewall. Thanks.
0
 
AkulshAuthor Commented:
The problem got fixed by a co-worker while I was working on something else. He modified a setting on the firewall. If your article talks about that setting, then I will give you credit. Otherwise I will like to delete this question. Will know tomorrow. Thanks again.
0
 
AkulshAuthor Commented:
"Ports Required to be Open for Connectivity Through Firewalls and Routers" section of your link was helpful. Thanks.
0
 
Tony JLead Technical ArchitectCommented:
You're more than welcome. Glad it got fixed and thank you for the points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.