[THIN] Re: [SPAM] Re: Hello me again!
- From: "Jeremy Saunders" <Jeremy.Saunders@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 12 Feb 2010 16:46:49 +1100
Hi Al,
CSG proxies the ICA connections, so your client only needs HTTPS access
to the CSG server(s).
The CSG server(s) require the following...
- HTTP access to the STA servers, typically port 80, although
it may be different in your environment
- ICA (tcp 1494) access to all XenApp servers
- CGP (tcp 2598) access to all XenApp servers, if using Session
Reliability
If your Web Interface is also on the same box, or in the DMZ, it
requires...
- HTTP access to the STA servers, typically port 80, although
it may be different in your environment
- HTTP access to the XML servers, typically port 80, although
it may be different in your environment
Some things may vary. But this is a typical deployment scenario.
You should enable STA logging on the XenApp servers to help you work
through this connectivity issue. This will help to identify firewall
rules, ticketing issues, etc.
Also, when you change IP Address of a CSG server, you also need to
re-run the CSG Configuration Wizard. You don't need to make any changes,
but you just need to run through it so that the settings are
reinitialised, and re-written to the configuration files.
Cheers,
Jeremy.
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of alan tropper
Sent: Friday, 12 February 2010 1:30 PM
To: thin@xxxxxxxxxxxxx; Gardiner, Jeffrey (H USA)
Subject: [THIN] Re: [SPAM] Re: Hello me again!
Hi All,
More info from checking my Citrix Secure Proxy server I can see
connections in netstat to my citrix app servers using both ports 1494
and 2598 so Im guessing I don't need to open 2598 between client PC and
the Citrix Secure Gateway, can anyone confirm this one way or another
that client will talk to CSG using port 80/443 only and that when a XML
connection has been made between client and app server then all
communication is only sent over port 443?
Cheers
Al
________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of alan tropper
Sent: Friday, 12 February 2010 10:32 AM
To: Gardiner, Jeffrey (H USA); thin@xxxxxxxxxxxxx
Subject: [THIN] Re: [SPAM] Re: Hello me again!
Hi Jeffrey,
All citrix servers in my farm are running XenApp 4.5 R05, Win2003 Sp2.
In the web interface config settings I have selected 3 STA servers from
the farm, and in the Secure Gateway I have also selected the same
servers for the STA connections.
Cheers
Al
________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Gardiner, Jeffrey (H USA)
Sent: Friday, 12 February 2010 9:50 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: [SPAM] Re: Hello me again!
Alan,
What version of XenApp is running on you ticketing server?
________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of alan tropper
Sent: Thursday, February 11, 2010 7:41 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: [SPAM] Re: Hello me again!
Hi Andy,
Firstly thanks for the reply!
I tried turning off Session reliability from the farm settings but this
didn't fix the issue as I was still getting the same errors as below
from the CSG, however session reliability was still enabled on the web
interface gateway settings, should I turn this off or do I need to open
up port 2598 between my CSG, CSP & WI servers?
Errors:
Event ID 100 - Client IP sent bad ticket, connection dropped (Source
Citrix Secure Gateway) (Cat: Ticketing)
Event ID 103 Incoming citrix gateway protocol downstream data could not
be processed (Source:Citrix Secure Gateway (Cat:CGP)
I can also telnet using port 2598 to my citrix application servers from
the WI server, is port 2598 used between the CSG, CSP & WI servers at
all or is this communication traffic all on port 443 as I cannot connect
to port 2598 between these servers at present?
The strangest part is that the server is just a clone of the production
server and has nothing of any difference apart from the WI versions so
Im confused why one works and the other doesn't?
Any input would be much appreciated from all J
________________________________
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Andy Friar
Sent: Thursday, 11 February 2010 10:29 PM
To: thin@xxxxxxxxxxxxx
Subject: [SPAM] [THIN] Re: Hello me again!
Switch off Session reliability or ensure that the firewall rules are
open.
Rgds
Andy
________________________________
________________________________
________________________________
Andy Friar
Technical Consultant
T
01260 292500
M
07720 470551
F
01260 292505
E
Andy.Friar@xxxxxxxxxxx
Novus Networks Ltd
The Old Corn Mill
Congleton Road
Siddington
Macclesfield
SK11 9JR
The information in this E-Mail is intended for the named recipients
only. It may contain privileged and confidential information. If you are
not the intended recipient you must not copy, distribute or take any
action or place reliance on it. If you have received this E-Mail in
error, please notify the sender immediately by using the E-Mail address
and then delete the message. The views expressed in this message are
personal and not necessarily those of Novus Networks. Company Reg No
3858005
Disclaimer added by CodeTwo Exchange Rules 2010
www.codetwo.com
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of alan tropper
Sent: 11 February 2010 14:19
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Hello me again!
Hi All,
Im hoping someone can save the day with this issue!
Basically I have a web interface server running WI4.5 and this hooks in
to a Citrix Secure Proxy Server that talks to the Citrix Secure Gateway
3.1.1.
I cloned the WI4.5 and upgraded to WI5.2 which looked great, I
configured it to download latest client 'CitrixOnlinePlugin.'
When I switched the clone to production for testing I ran the CSG
diagnostics and all worked fine, although I had to re-join domain for WI
clone.
When I would run the old citrix client software I received an error when
selecting a published application concerning a protocol error.
When I ran the new client software and tried to connect to a published
app I would not see any errors but would get errors as follows in the
CSG logs:
Event ID 100 - Client IP sent bad ticket, connection dropped (Source
Citrix Secure Gateway) (Cat: Ticketing)
Event ID 1-3 Incoming citrix gateway protocol downstream data could not
be processed (Source:Citrix Secure Gateway (Cat:CGP)
I tried to re-set the STA's in CSG3.1 and still no luck!
When I dropped the clone and put my old WI4.5 server back online all
worked again...any ideas to go on would be great??
Cheers
Al
------------------------------------------------------------------------
----
This message and any included attachments are from Siemens Medical
Solutions
and are intended only for the addressee(s).
The information contained herein may include trade secrets or privileged
or
otherwise confidential information. Unauthorized review, forwarding,
printing,
copying, distributing, or using such information is strictly prohibited
and may
be unlawful. If you received this message in error, or have reason to
believe
you are not authorized to receive it, please promptly delete this
message and
notify the sender by e-mail with a copy to
Central.SecurityOffice@xxxxxxxxxxx
Thank you
#####################################################################################
Confidentiality and Privilege Notice
This document is intended solely for the named addressee. The information
contained in the pages is confidential and contains legally privileged
information. If you are not the addressee indicated in this message (or
responsible for delivery of the message to such person), you may not copy or
deliver this message to anyone, and you should destroy this message and kindly
notify the sender by reply email. Confidentiality and legal privilege are not
waived or lost by reason of mistaken delivery to you.
#####################################################################################
Other related posts:
