Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Citrix ICA fails to launch. Firewall?

Posted on 2013-11-27
4
Medium Priority
?
1,412 Views
Last Modified: 2013-12-05
We are putting in place a new firewall however when accessing external websites / services that require Citrix ICA client we receive the following error when launching the ICA via a web browser "Citrix Receiver- unable to launch your application contact your help desk with the following information. Cannot connect to the Citrix Xenapp server. There is no Citrix Xenapp server configured on the specified address".
TCP ports.

1494 TCP is permitted so unsure why this is occurring.
0
Comment
Question by:StratfrordDC
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 7

Accepted Solution

by:
Jayanta Sarmah earned 1500 total points
ID: 39682960
It seems the ports are not open correctly ,

1494 need to be opened to Citrix servers where application are hosted not to Web interface and 2598 if session reliability is used.

If your users are accessing the external citrix infrastructure where a CAG or secure gateways etc in place you may need 443 (SSL) opened to Secure gateway /CAG .

Best way will be to trace the packet where it is droping or telnet the required port on the destination from user workstation.

Hope this helps ...

Cheers
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 39683043
usually? its a problem with the local proxy.

clicking on the launch link will download and execute a file ending in dot-ica which contains all the connection settings for the actual session. Log into the front end using a browser (such as firefox portable) which does not have the client plugin, and obtain the file by saving it instead of executing it.  Look inside the file - if there is a line directing you to use a proxy (such as a CSG) then that will override your own local proxy settings, and is the usual cause of the failure.
0
 
LVL 8

Expert Comment

by:gsmartin
ID: 39683334
The best approach is by using a CSG or a CAG over SSL (443).  Once the CAG/CSG receives the traffic to hand it over to the STA (Web/XML service) servers on port 8080.  This is the preferred method vs opening ICA ports on the firewall.
0
 

Author Comment

by:StratfrordDC
ID: 39699956
The ports were not open correctly.
I had a typo of 2958 instead it should have been 2598
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let's recap what we learned from yesterday's Skyport Systems webinar.
Ever wonder what it's like to get hit by ransomware? "Tom" gives you all the dirty details first-hand – and conveys the hard lessons his company learned in the aftermath.
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question