Solved

Citrix Netscaler cant assign requested address

Posted on 2014-01-15
5
3,454 Views
Last Modified: 2016-10-25
xenapp 6.5 enviro. Netscaler VPX (5).  Have entrust root, chain, and server certificates installed, linked, and verified.  can connect locally through the netscaler virtual server without issue (logging into the virtual server from the LAN).  Login, can see and access published desktop as well as published apps. When accessing through the external address though, i can log in and get all the way to the point of opening the desktop or apps and receive the error: "Unable to launch your application, cannot connect to Citrix Xenapp server. Can't assign requested address".  SSL is showing valid from the remote computer.  

The Netscaler is setup on the LAN side of my firewall, i have not moved it to the DMZ yet so LDAP and Citrix servers are all local.  ports opened on firewall pointing to the virtual server only are 80,443,8080,2598,546-547,as well as 1494-1604 (this span will be corrected later).
0
Comment
Question by:GreshAssoc
  • 3
  • 2
5 Comments
 
LVL 2

Author Comment

by:GreshAssoc
ID: 39783484
as a test i created two add'l service objects on the firewall - opening udp ports 1-65000 and tcp ports 1-65000 and applied them to the netscaler firewall policy.  Same error, so this doesnt appear to be a firewall issue.
0
 
LVL 23

Assisted Solution

by:Dirk Kotte
Dirk Kotte earned 500 total points
ID: 39784611
do you use a windowsserver for webinterface, AG-integrated WI or storefront ?
do you use the ica-proxy-mode or the netscaler-Gateway client?

look with "netstat -n 5" for TCP requests while try to start the app (especially sys-send )
save the launch-ica file and look for the "ssl-proxy" entry (or post the content)
0
 
LVL 2

Author Comment

by:GreshAssoc
ID: 39842596
sorry for the delay.  some other items took priority, but i am back at this now.
Using a webinterface from a windows server.  the netscaler is pointed to a specific server / sta.  WI on that server and sta are working.  when i attempt to access this from a mac i get a different result:  Cannot connect, the server "random farm server.com:1494" cannot be found on the network.  as i continue to attempt to launch it will cycle through every one of my farm servers.  i have verified 1494 is open and is getting an ICA response via telnet.  i have also opened a range of ip addresses covering all of my farm servers for 1494 & 2598.  the netscaler itself is open on 80, 8080, and 443.  the ica log file is attached.  the netscaler is new to me so i am not sure if there should be a server or site name under [applicationservers] desktop=  
Also, due to the number of servers in the farm i could not successfully pull a netstat, i suppose i can build a test farm with a single server for that.

..update- from looking at my internal ica file it does not list an app server either, so i guess it is not needed

--------------------------------------------------------------------------------------------------
Connecting using ICA File (Server: Desktop)
[ApplicationServers]
Desktop=

[Compress]
DriverNameWin32=pdcompn.dll
DriverNameWin16=pdcompw.dll

[Desktop]
Address=citrix65vm0.removed.com:1494
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
CGPAddress=*:2598
ClientAudio=On
DesiredColor=4
DesiredHRES=4294967295
DesiredVRES=4294967295
DoNotUseDefaultCSL=On
FontSmoothingType=0
InitialProgram=#Desktop
LaunchReference=ZwBW/+oSrWWu9lP6Gst2As7UJ2hdyrLIbPoWwIaYTZk=
Launcher=WI
LocHttpBrowserAddress=!
LongCommandLine=
LPWD=6
NRWD=22
ProxyType=Auto
ProxyTimeout=30000
SessionsharingKey=-uJs60MoI96xZAfPC6oxfmq
SFRAllowed=Off
SSLEnable=Off
StartIFDCD=1391796631093
StartSCD=1391796631093
Title=Desktop
TransportDriver=TCP/IP
TWIMode=Off
UILocale=en
UseLocalUserAndPassword=On
WinStationDriver=ICA 3.0

[Encoding]
InputEncoding=UTF8

[EncRC5-0]
DriverNameWin32=pdc0n.dll
DriverNameWin16=pdc0w.dll

[EncRC5-128]
DriverNameWin32=pdc128n.dll
DriverNameWin16=pdc128w.dll

[EncRC5-40]
DriverNameWin32=pdc40n.dll
DriverNameWin16=pdc40w.dll

[EncRC5-56]
DriverNameWin32=pdc56n.dll
DriverNameWin16=pdc56w.dll

[WFClient]
CPMAllowed=On
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
ProxyFavorIEConnectionSetting=Yes
RemoveICAFile=yes
TransportReconnectEnabled=On
TransparentKeyPassthrough=FullScreenOnly
Version=2
VirtualCOMPortEmulation=Off
VSLAllowed=On

Connecting using ICA File (Server: Desktop)
[ApplicationServers]
Desktop=

[Compress]
DriverNameWin32=pdcompn.dll
DriverNameWin16=pdcompw.dll

[Desktop]
Address=citrix65vm0.removed.com:1494
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
CGPAddress=*:2598
ClientAudio=On
DesiredColor=4
DesiredHRES=4294967295
DesiredVRES=4294967295
DoNotUseDefaultCSL=On
FontSmoothingType=0
InitialProgram=#Desktop
LaunchReference=ZwBW/+oSrWWu9lP6Gst2As7UJ2hdyrLIbPoWwIaYTZk=
Launcher=WI
LocHttpBrowserAddress=!
LongCommandLine=
LPWD=6
NRWD=22
ProxyType=Auto
ProxyTimeout=30000
SessionsharingKey=-uJs60MoI96xZAfPC6oxfmq
SFRAllowed=Off
SSLEnable=Off
StartIFDCD=1391796631093
StartSCD=1391796631093
Title=Desktop
TransportDriver=TCP/IP
TWIMode=Off
UILocale=en
UseLocalUserAndPassword=On
WinStationDriver=ICA 3.0

[Encoding]
InputEncoding=UTF8

[EncRC5-0]
DriverNameWin32=pdc0n.dll
DriverNameWin16=pdc0w.dll

[EncRC5-128]
DriverNameWin32=pdc128n.dll
DriverNameWin16=pdc128w.dll

[EncRC5-40]
DriverNameWin32=pdc40n.dll
DriverNameWin16=pdc40w.dll

[EncRC5-56]
DriverNameWin32=pdc56n.dll
DriverNameWin16=pdc56w.dll

[WFClient]
CPMAllowed=On
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
ProxyFavorIEConnectionSetting=Yes
RemoveICAFile=yes
TransportReconnectEnabled=On
TransparentKeyPassthrough=FullScreenOnly
Version=2
VirtualCOMPortEmulation=Off
VSLAllowed=On

Connecting using ICA File (Server: Desktop)
[ApplicationServers]
Desktop=

[Compress]
DriverNameWin32=pdcompn.dll
DriverNameWin16=pdcompw.dll

[Desktop]
Address=citrix65vm0.removed.com:1494
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
CGPAddress=*:2598
ClientAudio=On
DesiredColor=4
DesiredHRES=4294967295
DesiredVRES=4294967295
DoNotUseDefaultCSL=On
FontSmoothingType=0
InitialProgram=#Desktop
LaunchReference=ZwBW/+oSrWWu9lP6Gst2As7UJ2hdyrLIbPoWwIaYTZk=
Launcher=WI
LocHttpBrowserAddress=!
LongCommandLine=
LPWD=6
NRWD=22
ProxyType=Auto
ProxyTimeout=30000
SessionsharingKey=-uJs60MoI96xZAfPC6oxfmq
SFRAllowed=Off
SSLEnable=Off
StartIFDCD=1391796631093
StartSCD=1391796631093
Title=Desktop
TransportDriver=TCP/IP
TWIMode=Off
UILocale=en
UseLocalUserAndPassword=On
WinStationDriver=ICA 3.0

[Encoding]
InputEncoding=UTF8

[EncRC5-0]
DriverNameWin32=pdc0n.dll
DriverNameWin16=pdc0w.dll

[EncRC5-128]
DriverNameWin32=pdc128n.dll
DriverNameWin16=pdc128w.dll

[EncRC5-40]
DriverNameWin32=pdc40n.dll
DriverNameWin16=pdc40w.dll

[EncRC5-56]
DriverNameWin32=pdc56n.dll
DriverNameWin16=pdc56w.dll

[WFClient]
CPMAllowed=On
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
ProxyFavorIEConnectionSetting=Yes
RemoveICAFile=yes
TransportReconnectEnabled=On
TransparentKeyPassthrough=FullScreenOnly
Version=2
VirtualCOMPortEmulation=Off
VSLAllowed=On

Connecting using ICA File (Server: Desktop)
[ApplicationServers]
Desktop=

[Compress]
DriverNameWin32=pdcompn.dll
DriverNameWin16=pdcompw.dll

[Desktop]
Address=citrix65vm0.removed.com:1494
AutologonAllowed=ON
BrowserProtocol=HTTPonTCP
CGPAddress=*:2598
ClientAudio=On
DesiredColor=4
DesiredHRES=4294967295
DesiredVRES=4294967295
DoNotUseDefaultCSL=On
FontSmoothingType=0
InitialProgram=#Desktop
LaunchReference=ZwBW/+oSrWWu9lP6Gst2As7UJ2hdyrLIbPoWwIaYTZk=
Launcher=WI
LocHttpBrowserAddress=!
LongCommandLine=
LPWD=6
NRWD=22
ProxyType=Auto
ProxyTimeout=30000
SessionsharingKey=-uJs60MoI96xZAfPC6oxfmq
SFRAllowed=Off
SSLEnable=Off
StartIFDCD=1391796631093
StartSCD=1391796631093
Title=Desktop
TransportDriver=TCP/IP
TWIMode=Off
UILocale=en
UseLocalUserAndPassword=On
WinStationDriver=ICA 3.0

[Encoding]
InputEncoding=UTF8

[EncRC5-0]
DriverNameWin32=pdc0n.dll
DriverNameWin16=pdc0w.dll

[EncRC5-128]
DriverNameWin32=pdc128n.dll
DriverNameWin16=pdc128w.dll

[EncRC5-40]
DriverNameWin32=pdc40n.dll
DriverNameWin16=pdc40w.dll

[EncRC5-56]
DriverNameWin32=pdc56n.dll
DriverNameWin16=pdc56w.dll

[WFClient]
CPMAllowed=On
ProxyTimeout=30000
ProxyType=Auto
ProxyUseFQDN=Off
ProxyFavorIEConnectionSetting=Yes
RemoveICAFile=yes
TransportReconnectEnabled=On
TransparentKeyPassthrough=FullScreenOnly
Version=2
VirtualCOMPortEmulation=Off
VSLAllowed=On
0
 
LVL 23

Accepted Solution

by:
Dirk Kotte earned 500 total points
ID: 39846603
i missing a line containing "SSLProxyHost" within you launch.ica file.
this line directs the client to the Netscaler-gateway with SSL/port 443.
without this entry the client try to connect your XenApp server (citrix65vm0.removed.com)  at port 1494 or 2598 directly.
possible this can work also, but i think you wish a ssl connection from you client to the Gateway and 1494/2598 from the gateway to the servers...

go to the external published webinterface side / secure access / and select "gateway direct"
0
 
LVL 2

Author Closing Comment

by:GreshAssoc
ID: 39848044
Gateway direct was the issue, set up secondary WI and recreated the virtual server and all is well.
0

Join & Write a Comment

#Citrix #Citrix Policies #XenDesktop #VDI #POC #Citrix Univeral Printer Driver #Citrix UPD
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
How to install and configure Citrix XenApp 6.5 - Part 1. In this video tutorial we have explained step by step installation of Citrix XenApp 6.5 Server on Windows Server 2008 R2 is explained in this video. We have explained the difference between…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now