RE: Publish Citrix Metaframe
- From: "Ray Dzek" <Ray.Dzek@xxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 26 May 2005 16:09:01 -0700
Sorry. You are correct. This is the first time we have used HTTP/HTTPS
publishing. The logon HTTPS interface is separate from the ICA client
traffic and therefore would not traverse the SSL session as you
mentioned. I see that Citrix has just announced version 4 with a
gateway appliance as a replacement to the gateway software.
-----Original Message-----
From: Ted Doholis [mailto:tdoholis@xxxxxxxxxxxxx]
Sent: Thursday, May 26, 2005 5:41 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Publish Citrix Metaframe
http://www.ISAserver.org
How do you plan to encapsulate the ICA traffic in SSL? The protocol is
ICA, it has a specific port and the client isn't smart enough on its own
to do the encapsulation. You can SSL the web interface but you can not
do anything more than the RC5 encryption available natively in
metaframe.
Many people use this method although it is not a "best practice".
Ted Doholis
SaltSpring Software Inc.
-----Original Message-----
From: Ray Dzek [mailto:Ray.Dzek@xxxxxxxxxxxxxxx]
Sent: Wednesday, May 25, 2005 5:32 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Publish Citrix Metaframe
http://www.ISAserver.org
The clients are set for basic encryption anyway. If we take the citrix
client bacsic encryption and wrap it in SSL, we can pretty pretty much
call it "safe" at that point, yes? Am I missing anything? I have
already built the web publishing rule and created the new web listener.
It seems to work okay.
-----Original Message-----
From: Ted Doholis [mailto:tdoholis@xxxxxxxxxxxxx]
Sent: Wednesday, May 25, 2005 2:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Publish Citrix Metaframe
http://www.ISAserver.org
You can publish the web interface via HTTP or SSL.
You can specify an alternative IP address for the Citrix server to the
outside if ISA and then publish it via ISA You can not secure the ICA
protocol with encryption via ISA
The Citrix SSL gateway interacts with the client to define the protocol
that the client should attempt to connect to the server with. ISA can
not do this for you.
Ted Doholis
SaltSpring Software Inc.
-----Original Message-----
From: Ray Dzek [mailto:Ray.Dzek@xxxxxxxxxxxxxxx]
Sent: Wednesday, May 25, 2005 4:48 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Publish Citrix Metaframe
http://www.ISAserver.org
Has anybody attempted to publish Citrix Metaframe through ISA? Citrix
provides their own gateway server product to proxy the citrix
connections to the internal server and provide SSL. But I was wondering
if anyone had removed the middle man in this case and published
Metaframe something like an exchange server. Put the SSL certificate on
the Metaframe server and then export it to the ISA box. Is this
"do-able"?
Ray Dzek
Network Operations Supervisor
Specialized Bicycles
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tdoholis@xxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ray.dzek@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tdoholis@xxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com Leading
Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org Windows
Security Resource Site: http://www.windowsecurity.com/ Network Security
Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions:
http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
ray.dzek@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
