Hi All, More info from checking my Citrix Secure
Proxy server I can see connections in netstat to my citrix app servers using
both ports 1494 and 2598 so Im guessing I don’t need to open 2598 between
client PC and the Citrix Secure Gateway, can anyone confirm this one way or
another that client will talk to CSG using port 80/443 only and that when a XML
connection has been made between client and app server then all communication
is only sent over port 443? Cheers Al From:
thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of alan tropper Hi Jeffrey, All citrix servers in my farm are running
XenApp 4.5 R05, Win2003 Sp2. In the web interface config settings I
have selected 3 STA servers from the farm, and in the Secure Gateway I have
also selected the same servers for the STA connections. Cheers Al From:
thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Gardiner, Jeffrey (H USA) Alan, What version of XenApp is running on you
ticketing server? From:
thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of alan tropper Hi Andy, Firstly thanks for the
reply! I tried turning off
Session reliability from the farm settings but this didn’t fix the issue
as I was still getting the same errors as below from the CSG, however session
reliability was still enabled on the web interface gateway settings, should I
turn this off or do I need to open up port 2598 between my CSG, CSP & WI
servers? Errors: Event ID 100 –
Client IP sent bad ticket, connection dropped (Source Citrix Secure Gateway)
(Cat: Ticketing) Event ID 103 Incoming
citrix gateway protocol downstream data could not be processed (Source:Citrix
Secure Gateway (Cat:CGP) I can also telnet
using port 2598 to my citrix application servers from the WI server, is port 2598
used between the CSG, CSP & WI servers at all or is this communication
traffic all on port 443 as I cannot connect to port 2598 between these servers
at present? The strangest part is
that the server is just a clone of the production server and has nothing of any
difference apart from the WI versions so Im confused why one works and the
other doesn’t? Any input would be
much appreciated from all J From:
thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Andy Friar Switch off Session
reliability or ensure that the firewall rules are open. Rgds Andy
The information in this E-Mail is intended for
the named recipients only. It may contain privileged and confidential information.
If you are not the intended recipient you must not copy, distribute or take any
action or place reliance on it. If you have received this E-Mail in error,
please notify the sender immediately by using the E-Mail address and then
delete the message. The views expressed in this message are personal and not
necessarily those of Novus Networks. Company Reg No 3858005
From:
thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of alan tropper Hi All, Im hoping someone can save the day with this issue! Basically I have a web interface server running WI4.5 and
this hooks in to a Citrix Secure Proxy Server that talks to the Citrix Secure
Gateway 3.1.1. I cloned the WI4.5 and upgraded to WI5.2 which looked great,
I configured it to download latest client ‘CitrixOnlinePlugin.’ When I switched the clone to production for testing I ran
the CSG diagnostics and all worked fine, although I had to re-join domain for
WI clone. When I would run the old citrix client software I received
an error when selecting a published application concerning a protocol error. When I ran the new client software and tried to connect to a
published app I would not see any errors but would get errors as follows in the
CSG logs: Event ID 100 – Client IP sent bad ticket, connection
dropped (Source Citrix Secure Gateway) (Cat: Ticketing) Event ID 1-3 Incoming citrix gateway protocol downstream
data could not be processed (Source:Citrix Secure Gateway (Cat:CGP) I tried to re-set the STA’s in CSG3.1 and still no
luck! When I dropped the clone and put my old WI4.5 server back
online all worked again…any ideas to go on would be great?? Cheers Al
|