[THIN] Re: CSG / ISA Publishing

  • From: Michael Saul <michael.saul@xxxxxxxxx>
  • To: thin@xxxxxxxxxxxxx
  • Date: Mon, 28 Nov 2005 10:49:14 -0800

I completely missed this response :S

Thank you for responding, yes the DNS was all setup correctly.

The problem turned out to be ISA.  You can't use a web publishing rule
to publish the CSG connection.  Using the private key, you can use ISA
to decrypt, analyze, and re-encrypt the SSL packets.  While this works
great for basic IIS, it breaks the CSG.

I simply created a generic port forwarding rule and all is working now.

Thank you again!

On 10/25/05, Andrew Wood <andrew.wood@xxxxxxxxxxxxxxxx> wrote:
> Can you connect internally to the site internally?
>
> Does the external address map to server.url.com ?
>
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
> Of Michael Saul
> Sent: 25 October 2005 02:05
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] CSG / ISA Publishing
>
> Hi all!
>
> I am currently trying to get a Secure Gateway server published through our
> ISA server, but I can't seem to get the translation settings correct.
>
> I have verified that all of my internal clients can correctly use CSG to get
> their web applications to work by manually making an access route that uses
> Secure Gateway Direct.  The default access route is configured for Secure
> Gateway Translated.
>
> I have also added a Server Publishing rule that maps the external IP to 443
> on the CSG host (I used server publishing and not web publishing).  I'm not
> sure that I have correctly configured the secure gateway route translation,
> however.
>
> Presently, my address translation box is configured like so:
>
> Secure Gateway Route Translation
> Internal IP: <IP of CSG Server>
> Internal Port: 443
> External Address: <External IP>
> External Port: 443
>
> When I browse to https://server.url.com/Citrix/Metaframe from outside the
> firewall, I get a 404 error.  As far as I can tell, the ISA servers think
> that they are passing traffic correctly.
>
> Am I missing something else that I should be configuring?
>
> Thanks in advance,
>
> Michael Saul
> ********************************************************
> This Weeks Sponsor: Cesura, Inc.
> Know about Citrix end-user slowdowns before they know.
> Know the probable cause, immediately.
> Know it all now with this free white paper.
> http://www.cesurasolutions.com/landing/WPBCForCitrix.htm?mc=TBCC
> ********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ThinWiki community - Excellent SBC Search Capabilities!
> http://www.thinwiki.com
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use
> the below link:
> http://thin.net/citrixlist.cfm
>
> ********************************************************
> This Weeks Sponsor: Cesura, Inc.
> Know about Citrix end-user slowdowns before they know.
> Know the probable cause, immediately.
> Know it all now with this free white paper.
> http://www.cesurasolutions.com/landing/WPBCForCitrix.htm?mc=WETBCC
> ********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ThinWiki community - Excellent SBC Search Capabilities!
> http://www.thinwiki.com
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
>
************************************************
For Archives, RSS, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
************************************************

Other related posts: