[THIN] STA port number change?
- From: "Raffensberger, Stephen D (Stephen) %" <raff@xxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 11 Apr 2003 09:53:05 -0400
I'm building a standard Nfuse 1.7/CSG/STA configuration according to the =
Citrix docs.
My firewall folks are concerned about port 80 traffic initiated in the =
DMZ (Nfuse &
CSG) and destined for the STA in the intranet. They want me to change it =
to another
port for improved security.
I imagine it's pretty simple to do.
1. On the STA server, change the port to 999 in IIS.
2. On the Nfuse server, change the NFuse_CSG_STA_URL to
http://X.X.X.X:999/Scripts/CtxSta.dll
3. On the CSG server, change Port to 999 in
HKLM\CCS\Services\CtsSecGwy\TicketAuthorities\STA01
Has anyone actually done this? Is it as big a security problem as my =
guys perceive?
It seems like Citrix doesn't think so. It's not in any of the =
installation or config
settings. Also it looks like it's incompatible with SSL which means that =
I can't
really secure it at all.
Steve Raffensberger
Computer Aid serving Agere Systems
Mailto: raff@xxxxxxxxx
(610) 712-6819
********************************************************
This Week's Sponsor - ThinPrint
Simply the best print solution for
Microsoft Terminal Services
and Citrix Metaframe.
http://www.thinprint.com/
**********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
- Follow-Ups:
- [THIN] Re: STA port number change?
- From: Carlos Sanabria
- [THIN] Re: STA port number change?
- From: M
- [THIN] Re: STA port number change?
- From: Brian Murphy
Other related posts:
- [THIN] Re: STA port number change?
- From: Carlos Sanabria
- [THIN] Re: STA port number change?
- From: M
- [THIN] Re: STA port number change?
- From: Brian Murphy