I am wondering if any of you can help with the scenario below - its now driving me mad.
I have an isa 2004 server with a citrix web interface server behind - using http i would like to display the Citrix web interface login screen on the external ip of the isa server or alternatively the owa forms based logon screen
user --> citrix.myco.com --> isa 2004 ---> citirx webserver
essentially i would like users to enter a username and password once to login to the system - i have tried various different configurations but with no sucess - has anyone any time or ideas to help me out here - i have tried web publishing rules - alternate ports -and pretty much everything else
Are you wanting the ISA Server to perform authentication or just publish the site? Web Interface implements its own forms-based authentication page, you may not be able to get ISA Server to perform authentication here.
Having said that though, if you are looking to provide users with access to their application via Web Interface, you are best teaming this with Secure Gateway (see the Citrix product documentation for more info)
Do you get the web site login page to come up? I can't get that far. I got my OWA site to work for about two days before it quit or I killed it trying to get Citrix going. So far ISA 2004 is a total waste as far as my web publishing efforts go.
Re "Do you get the web site login page to come up? I can't get that far. I got my OWA site to work for about two days before it quit or I killed it trying to get Citrix going. So far ISA 2004 is a total waste as far as my web publishing efforts go."
I managed to get the web login page to come up by allowing anonymous access on the Inetpub directory on the webserver - this allows the Nfuse / Web Interface page to be displayed via the ISA Publishing rule - now i don't get prompted for any additional passwords from ISA - however all now is not well with Citrix Web Interface as after you enter your login credentials the web interface complains that it cannot contact the XML service. Looking at the ISA Logs doesn't give me any additional clues as to what is happening - the error i get now is "ERROR: The Citrix MetaFrame servers cannot process your request at this time" - spending a little time looking at the Citrix website for clues - shame citrix don't operate as well as this site Tom !
I can't find the Citrix article now, but that sounds like the error I had with XML ports. I changed my XML port to 8080 and it worked fine, internally at least. I'm putting up a new ISA server at the moment to do some more testing. if I have any luck I will post what I did to get it going.
i shall try the xml port on 8080 and see what happens here too - i have no wish to go to secure gateway yet as that will cost in infrastructure - however i want to see the basic package working first before going to secure gateway
My XML port issue was first noticed internally so I had to change it for whatever reason.
After many failed attempts I am successfully publishing the web interface for Citrix via ISA 2004.
I spent about a week trying different settings and publishing rules. No matter what I tried it would not work. I could publish OWA, but not Citrix Web Interface. I finally decided that something was wrong with that install of ISA so I brought up a new machine as I mentioned above. I exported the publishing rules from the old machine to the new one and swapped my external IPs around. After that it worked instantly. Very odd problem overall.
As sikoniko mentioned I had a problem with NAT after I got my web interface published, but that was solved easily enough via the web interface management console. From what I have seen with this and with the old Nfuse interface, NAT issues will not prevent you from logging in. It will just prevent you from launching the applications once you are logged in. Others may have a different experience with NAT problems, but that's what I have seen with two different versions of the Citrix web software.