Netscaler 10.1 and Citrix Reciever

Hi

I have an issue with applications getting stuck when using Citrix receiver on IPAD/IPHONE. It works fine when I'm on the same network, but from external it gets stuck at stating application...

I have read various posts on internet and tried tweaks to not avail, what am I missing, is it something on the firewall or Netscaler?

https://discussions.citrix.com/topic/356705-receiver-stuck-on-starting-connection-in-progress/


Thanks
badabing1Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gheistCommented:
Check firewall logs for traffic being denied one or other way.
Here the full list (you dont need all)
https://support.citrix.com/servlet/KbServlet/download/2389-102-704421/CTX101810_28th_June_2013.pdf7
0
Sekar ChinnakannuStaff EngineerCommented:
Make sure your network team allowed all the citrix ports to allow users from external network.
0
Dirk KotteSECommented:
Agree with previous posts ... check the firewall logs.
Mind ... most current receivers use ica/hdx with session reliability (TCP 2598), receiver on ipad/iphone don`t use session reliability.
So these sessions need port TCP 1494 from netscaler to xenapp-servers.
0
badabing1Author Commented:
Thanks ill check these settings and come back with an update.
0
badabing1Author Commented:
ok i have checked what is suggested above all looks fine?
0
Brian MurphyCitrix Technology SpecialistCommented:
When you say external, how do you have the receiver configured to connect?  

Are you using Micro-VPN?

Or, are you using the actual receiver?

Do you have an external Secure VPN Virtual Server aka Secure Gateway VIP configured?

That is Port 443.  It uses a registered SSL Certificate and HTTPS over ICA.
0
CoralonCommented:
Did you create your policy to listen for the user agent string?
http://support.citrix.com/article/CTX124937

Out of the box, the Netscaler will not allow mobile devices, you have to set this up to enable it.

Coralon
0
badabing1Author Commented:
Hi Brian,

sorry fior the late response,

when i say it works internally i meant that citrix reciever works on the internal network as expected but when i access citrix apps from internet on my IPAD or any other mobile device it gets stuck at launching..

i have port 443 natting to netscaler gateway.

i have a session policy configured on Netscaler Gateway.

not sure about the other questions, but am happy to send screen prints.

Thanks
0
CoralonCommented:
That's why I'm asking about the policy for mobile devices -- if you follow the article, you can check your policies easily enough.

Coralon
0
badabing1Author Commented:
Coralon, i have followed this type of articles many a times to no avail, yes i have policy session set for WI and mobile devices. strange things is that everything works as expected inside the network but from internet WI for published apps works but not from the reciever ...

Thanks
0
badabing1Author Commented:
any updates on this ticket please? the issue still persist...
0
CoralonCommented:
I may have missed something obvious.. you said you are NAT'ng to the netscaler?

Does your Netscaler have a leg in the DMZ?
If the Nat'ng isn't done correctly, then it will break the SSL stream..

Make sure you have it set to bridge the SSL from your firewall to the Netscaler, do not do any kind of active NAT/SSL decryption/re-encryption.  

Coralon
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
badabing1Author Commented:
I will revisit this issue in the next couple of weeks.
0
Sekar ChinnakannuStaff EngineerCommented:
Shared required info, If still need expert can object.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Citrix

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.