Citrix web Interface

Hi,

I am trying to setup a citrix secure gateway which is running in my DMZ I have got the firewall (Watchguard Firebox III) to allow the CSG to talk to the Citrix Farm through port 1494, 80 and 443. What I can't get is an external connection to access the application, the user can authenticate against the AD but an "can not find metaframe server" error appears when they try to access a publish app. There is no problem if I try on the LAN.

I've been told that my problems lie with my firewall, but I am not to sure, I have configure the Watchguard as detailed in the whitepaper on Watchguard. Is there anything I am missing?

TIA

Reply to
Dave
Loading thread data ...

In order to get CITRIX working from the client side I had to create a rule as follows:

PORT 1494 TCP Allow outbound PORT 1604 UDP Allow outbound

Since you are allowing inbound CITRIX, you may need to allow 1604 UDP inbound (since I would expect it to be the reverse of my outbound rule).

Reply to
Leythos

I'm no Citrix guy, buy AFAIK you need to open 443 to the CSG and the CSG will proxy all of the connections to the farm, so nothing needs to be open from the outside to the farm.

Wil my 3¢

Dave wrote:

Reply to
Wil

That is correct, you only need 443 open from the outside world to the CSG box, you could even NAT this from the Firebox if it allows. The CSG box then needs to be able to talk with your Citrix servers, XML service and STA so ports 1494, and whatever your xml service and STA is on.

That's how I've setup CSG's anyway...

Reply to
Keith

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.