• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

citrix

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> citrix Page: [1]
Login
Message << Older Topic   Newer Topic >>
citrix - 28.Aug.2008 12:29:10 AM   
jlamn

 

Posts: 1
Joined: 24.Aug.2008
Status: offline
Not sure if this is the right place but here goes...

I have the pretty much the same problem as this person:

http://forums.isaserver.org/m_20823300/mpage_1/key_/tm.htm#20823316

except i am running isa 2006. Basically users are using the proxy server to connect to an externally hosted citrix website. Getting to the site is no problem. They login and then click on an icon which launches a putty applicatin or a remote desktop application.
This is where it falls over. When they click on it they get this message:

"Cannot connect to the Citrix Presentation Server.
The Citrix SSL Server you have selected is not accepting connections.

All that shows up in the proxy log is the generic 995 message.
When we try and access the site directly there are no issues. Does anyone have any advice?
Post #: 1
RE: citrix - 28.Aug.2008 11:29:28 AM   
pwindell

 

Posts: 2244
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
Just because they use http or https to click on the "icon" does not mean it is still http or https after that.  You probably still have to allow them the Citrix Protocols.  I'm not an expert on Citrix,...but the web interface for Citrix probably runs on the same principles as Terminal Service with the Terminal Service Gateway which requires both https and RDP.

Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc 

_____________________________

Phillip Windell

(in reply to jlamn)
Post #: 2
RE: citrix - 9.Sep.2008 7:32:01 AM   
asaunders

 

Posts: 32
Joined: 11.Apr.2008
Status: offline
You'll need to let out the citrix ica protocol (1494), so your rule should be:
Allow  ICA, ICAw/ Reliability Session enabled FROM Internal  TO <Citrix servers>  AllAuthenticated (or citrix users)

(in reply to pwindell)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> citrix Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts