Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1447
  • Last Modified:

Citrix ICA fails to launch. Firewall?

We are putting in place a new firewall however when accessing external websites / services that require Citrix ICA client we receive the following error when launching the ICA via a web browser "Citrix Receiver- unable to launch your application contact your help desk with the following information. Cannot connect to the Citrix Xenapp server. There is no Citrix Xenapp server configured on the specified address".
TCP ports.

1494 TCP is permitted so unsure why this is occurring.
0
StratfrordDC
Asked:
StratfrordDC
1 Solution
 
Jayanta SarmahCommented:
It seems the ports are not open correctly ,

1494 need to be opened to Citrix servers where application are hosted not to Web interface and 2598 if session reliability is used.

If your users are accessing the external citrix infrastructure where a CAG or secure gateways etc in place you may need 443 (SSL) opened to Secure gateway /CAG .

Best way will be to trace the packet where it is droping or telnet the required port on the destination from user workstation.

Hope this helps ...

Cheers
0
 
Dave HoweSoftware and Hardware EngineerCommented:
usually? its a problem with the local proxy.

clicking on the launch link will download and execute a file ending in dot-ica which contains all the connection settings for the actual session. Log into the front end using a browser (such as firefox portable) which does not have the client plugin, and obtain the file by saving it instead of executing it.  Look inside the file - if there is a line directing you to use a proxy (such as a CSG) then that will override your own local proxy settings, and is the usual cause of the failure.
0
 
gsmartinCommented:
The best approach is by using a CSG or a CAG over SSL (443).  Once the CAG/CSG receives the traffic to hand it over to the STA (Web/XML service) servers on port 8080.  This is the preferred method vs opening ICA ports on the firewall.
0
 
StratfrordDCAuthor Commented:
The ports were not open correctly.
I had a typo of 2958 instead it should have been 2598
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now