[THIN] Re: CSG/WI on same box.

  • From: "Lambert, Ryan" <rlambert@xxxxxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Thu, 16 Sep 2004 11:18:58 -0400

Yep.

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf
Of Jeff Pitsch
Sent: Thursday, September 16, 2004 11:11 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CSG/WI on same box.

Just remember to not allow port 80 to the server from the Internet.  All
that needs to be open through the firewall is 443 to that server from
the outside.

Jeff Pitsch


-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Lambert, Ryan
Sent: Thursday, September 16, 2004 11:02 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CSG/WI on same box.

Jeff, 

Just removed it. Seems to be working okay.

Thanks for your help.

Everyone else, too. Appreciate it.

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Jeff Pitsch
Sent: Thursday, September 16, 2004 10:55 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CSG/WI on same box.

If you aren't using SSL on IIS (which you don't need to), you shouldn't
need to move the 443 port.  After removing the cert, did you tell IIS
not to use SSL?

Jeff Pitsch


-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Lambert, Ryan
Sent: Thursday, September 16, 2004 10:50 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CSG/WI on same box.

Got it.

Had to move to SSL on IIS to 444 and manually put in a redirect.

All is well.

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Lambert, Ryan
Sent: Thursday, September 16, 2004 10:08 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CSG/WI on same box.

Hi Jeff,

So... I've removed the cert from my Default web site for WI, and only
have
csg.mycompany.com configured through CSG Service Configuration.

ie: No certificate set up in IIS.

I'm allowing anonymous access to my Default Web Site. Still being
prompted
with that Windows authentication box, and when I log in, redirected to
https://csg.mycompany.com/iisstart.asp


Blech.


-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Jeff Pitsch
Sent: Thursday, September 16, 2004 10:01 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CSG/WI on same box.

With CSG 2/WI 2 you only need 1 cert.  CSG 2 will proxy all https
communication to the WI.  Make sure the WI site is setup to allow
anonymous access.

Jeff Pitsch

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Lambert, Ryan
Sent: Thursday, September 16, 2004 9:54 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] CSG/WI on same box.

Hey all,

 

We had this discussion in a different thread yesterday, and I've been
attempting to get CSG/WI 2.0 working on the same box in a lab. No luck!!

 

This is my setup:

 

IIS 5.0 on CSG/WI server.

CSG on ip1:443 (csg.mycompany.com cert, 1024)

WI on ip2:443 (citrix.mycompany.com cert, 1024)

STA on Metaframe Server inside secured network.

 

Looks good when I do Secure Gateway Diag, everything checks out.

 

However, when I connect to https://csg.mycompany.com
<https://csg.mycompany.com/> , I am prompted for a username and
password.
Odd.

 

When I enter the Admin username/password, I'm directed to a page that
says
no default document is set up. Again odd. I can hit
http://citrix.mycompany.com/Citrix/MetaframeXP and get the default NFuse
Page just fine. but IIRC, I'm supposed to be connecting to
https://csg.mycompany.com <https://csg.mycompany.com/>  via browser. I
know
that there is a certificate installed on my WI Website (under Default
Web
Site), albeit the machine is not answering on port 443.

 

The following error I see every time I issue 'iisreset':

 

The service could not bind instance 1.  The data is the error code. 

For additional information specific to this message please visit the
Microsoft Online Support site located at:

 

Seems to me that I am having a conflict with SSL?

 

I've tried issuing the command cscript adsutil.vbs set
w3svc/disablesocketpooling true, and it came back and acknowledged me.

 

Anyone have any thoughts on this, or can point me to a design document
detailing WI2.0/CSG setup?

 

Thx,

Ryan

 

 

 

 

 

 

 

********************************************************
This Weeks Sponsor triCerat:
Have you had your fill of printing support calls, unauthorized apps
running
on unsecured Terminal Servers, profile headaches, and application
performance problems? Join us and learn how you can have a less
demanding
on-demand enterprise!
http://www.tricerat.com/?page=ents#register 
********************************************************** 
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

********************************************************
This Weeks Sponsor triCerat:
Have you had your fill of printing support calls, unauthorized apps
running
on unsecured Terminal Servers, profile headaches, and application
performance problems? Join us and learn how you can have a less
demanding
on-demand enterprise!
http://www.tricerat.com/?page=events#register 
********************************************************** 
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

********************************************************
This Weeks Sponsor triCerat:
Have you had your fill of printing support calls, unauthorized apps
running on unsecured Terminal Servers, profile headaches, and
application performance problems? Join us and learn how you can have a
less demanding on-demand enterprise!
http://www.tricerat.com/?page=events#register 
********************************************************** 
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Weeks Sponsor triCerat:
Have you had your fill of printing support calls, unauthorized apps
running
on unsecured Terminal Servers, profile headaches, and application
performance problems? Join us and learn how you can have a less
demanding
on-demand enterprise!
http://www.tricerat.com/?page=ents#register 
********************************************************** 
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

********************************************************
This Weeks Sponsor triCerat:
Have you had your fill of printing support calls, unauthorized apps
running on unsecured Terminal Servers, profile headaches, and
application performance problems? Join us and learn how you can have a
less demanding on-demand enterprise!
http://www.tricerat.com/?page=events#register 
********************************************************** 
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
********************************************************
This Weeks Sponsor triCerat:
Have you had your fill of printing support calls, unauthorized apps running
on unsecured Terminal Servers, profile headaches, and application
performance problems? Join us and learn how you can have a less demanding
on-demand enterprise!
http://www.tricerat.com/?page=ents#register 
********************************************************** 
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

********************************************************
This Weeks Sponsor triCerat:
Have you had your fill of printing support calls, unauthorized apps running on 
unsecured Terminal Servers, profile headaches, and application performance 
problems? Join us and learn how you can have a less demanding on-demand 
enterprise!
http://www.tricerat.com/?page=events#register 
********************************************************** 
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm

Other related posts: