Solved

Citrix ICA fails to launch. Firewall?

Posted on 2013-11-27
4
1,316 Views
Last Modified: 2013-12-05
We are putting in place a new firewall however when accessing external websites / services that require Citrix ICA client we receive the following error when launching the ICA via a web browser "Citrix Receiver- unable to launch your application contact your help desk with the following information. Cannot connect to the Citrix Xenapp server. There is no Citrix Xenapp server configured on the specified address".
TCP ports.

1494 TCP is permitted so unsure why this is occurring.
0
Comment
Question by:StratfrordDC
4 Comments
 
LVL 7

Accepted Solution

by:
Jayanta Sarmah earned 500 total points
ID: 39682960
It seems the ports are not open correctly ,

1494 need to be opened to Citrix servers where application are hosted not to Web interface and 2598 if session reliability is used.

If your users are accessing the external citrix infrastructure where a CAG or secure gateways etc in place you may need 443 (SSL) opened to Secure gateway /CAG .

Best way will be to trace the packet where it is droping or telnet the required port on the destination from user workstation.

Hope this helps ...

Cheers
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39683043
usually? its a problem with the local proxy.

clicking on the launch link will download and execute a file ending in dot-ica which contains all the connection settings for the actual session. Log into the front end using a browser (such as firefox portable) which does not have the client plugin, and obtain the file by saving it instead of executing it.  Look inside the file - if there is a line directing you to use a proxy (such as a CSG) then that will override your own local proxy settings, and is the usual cause of the failure.
0
 
LVL 8

Expert Comment

by:gsmartin
ID: 39683334
The best approach is by using a CSG or a CAG over SSL (443).  Once the CAG/CSG receives the traffic to hand it over to the STA (Web/XML service) servers on port 8080.  This is the preferred method vs opening ICA ports on the firewall.
0
 

Author Comment

by:StratfrordDC
ID: 39699956
The ports were not open correctly.
I had a typo of 2958 instead it should have been 2598
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question