• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 78
  • Last Modified:

There is only one STA granting tickets

Hello.  Running Citrix Secure Gateway, 3.3.4, Web Interface 5.4.2.59 and XenApp 6.5.  We have 11 different servers running CSG/WI that point to the same XenApp 6.5 farm.

While investigating why we are seeing an increase in client connections drop, I noticed that our CSG logs are only showing that STA's are coming from 1 server instead of the 5 that are defined.  There are actually more in the server farm, so we were just using a subset.  I confirmed through logs and pulled that particular server from the server configuration and at that point, no one could execute apps in Citrix.  I need to remove this single point of failure.

I have confirmed that the webinterface.config reflect all the systems that are in the Web Interface and CSG.  The Citrix XML Service is running on all XenApp systems.  How can I force CSG to use more than a single CTXSTA?

Thanks in advance for your help.

And yes - we are in the process of moving to Netscaler, however; that is not in place quite yet.

Thanks.
0
jnordeng
Asked:
jnordeng
  • 4
  • 2
4 Solutions
 
Dirk KotteSECommented:
CSG only checks the STA-entry within launch.ica file.
The STA is written to this file by webinterface.
If you configure more than one STA (i would suggest to use the webinterface-config-tool) there is something wrong.
Webinterface has a great logging (within eventlog) - check this.
Check firewall between CSG and STA.
Check ports used by XML/STA: https://support.citrix.com/article/CTX101988
All 5 servers are within "controller"-rule? Worker don#t run the XML/STA services.
0
 
jnordengAuthor Commented:
Thanks, we are using port 8080 for the STA.  In the webinterface.conf the individual servers are listed here:

CSG_EnableSessionReliability=On
CSG_STA_URL1=http://Server.domain.local:8080/scripts/ctxsta.dll
CSG_STA_URL2=http://Server2.domain.local:8080/scripts/ctxsta.dll
CSG_STA_URL3=http://Server3.domain.local:8080/scripts/ctxsta.dll
CSG_STA_URL4=http://Server4.domain.local:8080/scripts/ctxsta.dll
CSG_STA_URL5=http://Server5.domain.local:8080/scripts/ctxsta.dll

And

Farm1=Server,domain.local,Server2.domain.local,Server3.domain.local,Name:CitrixFarmProd,XMLPort:8080,Transport:HTTP,SSLRelayPort:443,BypassDuration:60,LoadBalance:Off,TicketTimeToLive:200,RADETicketTimeToLive:200
Farm2=Server4.domain.local,Server5.domain.local,Name:CitrixTEST,XMLPort:8080,Transport:HTTP,SSLRelayPort:443,BypassDuration:60,LoadBalance:Off,TicketTimeToLive:200,RADETicketTimeToLive:200


Can you please clarify what you mean here?  "All 5 servers are within "controller"-rule? Worker don#t run the XML/STA services."


Thanks
0
 
Dirk KotteSECommented:
if you use 50 XenApp servers you do not need XLN service 50 times.
So it is possible to select from worker and controller while configuring the server.
Worker are "Zombies" and don`t think about farm features like loadbalancing, sessionsharing and other.
They are unable to get the "datacollector" job. The get only necessary informations from workers.
these article great explains this:
https://support.citrix.com/article/CTX131298?recommended
0
 
jnordengAuthor Commented:
Noticed that the option to Load Balance the STA's was not enabled, enabled and it started to distribute STA's.
0
 
Dirk KotteSECommented:
OK, but without these settings the STA should not loadbalance but failover...
so your problem " pulled that particular server from the server configuration and at that point, no one could execute apps in Citrix" should not exist.
0
 
Dirk KotteSECommented:
Problem solved
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now