• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Accessing Citrix Metaframe from behind ISA 2004

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Accessing Citrix Metaframe from behind ISA 2004 Page: [1]
Login
Message << Older Topic   Newer Topic >>
Accessing Citrix Metaframe from behind ISA 2004 - 20.Aug.2004 2:58:00 AM   
asmurphy

 

Posts: 3
Joined: 20.Aug.2004
Status: offline
Hi there,

I have a problem where I'm behind ISA Server 2004 and I'm trying to access a Citrix Metaframe XP server on another network. I can log into Nfuse ok but when I try to connect to Remote Console to a server I get the following error when the ICA client starts up. "The socket is not already bound to an address."

Looking at the firewall logs I'm seeing a lot of denied requests for SSL-Tunnel. They look like this.

Destination Port : 443
Protocol : SSL-tunnel
Action : Denied Connection
Http Method : Connect

I have HTTPS allowed from the Internal network to the External Network and the Local Host. Does anyone know where else I can look to fix this, it doesn't seem to matter what I put in the firewall config! I've also tried with and without the ISA Firewall Client and it doesn't work either.

Thanks
Post #: 1
RE: Accessing Citrix Metaframe from behind ISA 2004 - 24.Feb.2005 10:51:00 AM   
ctc_IT

 

Posts: 9
Joined: 11.Feb.2005
From: Cymru - Wales (UK)
Status: offline
I'm having this exact problem as well. Can anybody PLEASE help ???

(in reply to asmurphy)
Post #: 2
RE: Accessing Citrix Metaframe from behind ISA 2004 - 24.Feb.2005 8:00:00 PM   
MorfiusX

 

Posts: 25
Joined: 12.Jan.2005
Status: offline
From what I've read, the Citrix client (if that's what you are using) tries to create a ssl tunnel on a non-standard port. ISA by default only allows ssl tunnels on a certiain port. You have to enable ISA to allow tunneling on the alternate port.

Link:
http://www.isaserver.org/articles/2004tunnelportrange.html

(in reply to asmurphy)
Post #: 3
RE: Accessing Citrix Metaframe from behind ISA 2004 - 25.Feb.2005 5:07:00 PM   
ctc_IT

 

Posts: 9
Joined: 11.Feb.2005
From: Cymru - Wales (UK)
Status: offline
I'm assured it runs over a normal port 443. ICA/SSL is the protocol used - this protocol encapsulates ICA in SOCKS, further wrapped in SSL. Any further ideas ?

(in reply to asmurphy)
Post #: 4

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Access Policies >> Accessing Citrix Metaframe from behind ISA 2004 Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts