And also, as Dirk said before... the other ports are required from CSG -> Citrix Servers and CSG -> STA if you are in an environment that uses a DMZ. :) -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Lambert, Ryan Sent: Thursday, October 07, 2004 9:00 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: ICA over the web Apologies if this comes twice, not sure if the first went. -- With CSG, you don't need to expose your Citrix servers to the Internet (1494tcp/1604udp). The Secure Gateway manages the session, and all you need is 443 open to the CSG box. CSG goes on with WI (can be on same box even in some deployments), and both products are free with Metaframe. I've done this a couple of times, and it works great. You still need a real SSL certificate for CSG... but... Benefit: You're getting some extra added security for really no extra price. You were buying the cert, anyway! -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Bill Beckett Sent: Thursday, October 07, 2004 8:45 AM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Re: ICA over the web What is the benefit of using Secute Gateway versus just having an SSL cert on the web page? -----Original Message----- From: Dirk Blose [mailto:Dirk.Blose@xxxxxxxxxx] Sent: Thursday, October 07, 2004 8:20 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: ICA over the web Web Interface, Secure Ticketing Authority, and Secure Gateway are the way to go. They're free and don't require too much horsepower to run. You can put them both on the Same server in the DMZ and the Secure ticket Authority on any IIS server inside. The only thing you open to the outside is 443 to the server. Inbound you open the XML port to the Citrix servers and 80 to the Secure Ticket Authority. It's that simple. Dirk Blose, MCSE, CCA Lead Technical Analyst (919) 765-4791 dirk.blose@xxxxxxxxxx >>> MineroHB@xxxxxxxxxxxxx 10/07/04 08:13AM >>> Hi all, I have been using Citrix MetaFrame in a LAN for many years and I have never had to make the servers available to any external sites over the web. Now, I am required to provide secure access to some servers over the web. My question is: what other Citrix software do I need to accomplish this? A long time ago, I was familiar with Secure Gateway, but Citrix products have changed so much lately that I am not sure how to make it happen anymore. Could someone point me to any articles or white papers? Thanks, ________________________________ Hector Minero NSWCDD Code K55 Ph: (540) 653-8859 Fax: (540) 653-8575 ******************************************************** This Weeks Sponsor RTO Software Do you know which applications are abusing your CPU and memory? Would you like to learn? -- Free for a limited time! Get the RTO Performance Analyzer to quickly learn the applications, users, and time of day possible problems exist. http://www.rtosoft.com/enter.asp?id=320 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Weeks Sponsor RTO Software Do you know which applications are abusing your CPU and memory? Would you like to learn? -- Free for a limited time! Get the RTO Performance Analyzer to quickly learn the applications, users, and time of day possible problems exist. http://www.rtosoft.com/enter.asp?id20 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Weeks Sponsor RTO Software Do you know which applications are abusing your CPU and memory? Would you like to learn? -- Free for a limited time! Get the RTO Performance Analyzer to quickly learn the applications, users, and time of day possible problems exist. http://www.rtosoft.com/enter.asp?id=320 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Weeks Sponsor RTO Software Do you know which applications are abusing your CPU and memory? Would you like to learn? -- Free for a limited time! Get the RTO Performance Analyzer to quickly learn the applications, users, and time of day possible problems exist. http://www.rtosoft.com/enter.asp?id=320 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Weeks Sponsor RTO Software Do you know which applications are abusing your CPU and memory? Would you like to learn? -- Free for a limited time! Get the RTO Performance Analyzer to quickly learn the applications, users, and time of day possible problems exist. http://www.rtosoft.com/enter.asp?id=320 ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm