Are you accessing a different name externally? Does the name match the IIS website? What's in the IIS logs? Anything? 2009/12/2 James Scanlon <scanjam@xxxxxxxxxxx> > the names all match DNS and cert - its a godaddy certificate. > > externally the CSG / WI auth page doesnt come up at all > > internally i see everything and it all matches > > its Firewall > 443 > Inside Server CSG + WI on same box > same LAN to > Citrix Servers / farm > > In the past when terre were cert issues or whatnot we would still get a > page it woudl just say the certificate doesnt match - we are not even > getting that far! > > Sigh. :) > thanks for your quick replies! > > SCANJAM > > > > > ------------------------------ > Date: Wed, 2 Dec 2009 07:40:54 -0600 > Subject: [THIN] Re: CSG 3.1.2 and WI 5.2 - HELP! > From: gareese@xxxxxxxxx > To: thin@xxxxxxxxxxxxx > > > are you using a public/commercial cert or one fro your own internal CA? If > the conencting user doesn't have happiness on the cert, they won't get > anywhere. They need to trust the CA that issued it, names have to match, > there can be no warnings on it. etc, etc > > 443 needs to be open to the CSG, preferably in the DMZ, then 1494, 80 > (assuming the default 80 for XML) from the CSG to the internal network. > > is that how you have it? > > On Wed, Dec 2, 2009 at 6:46 AM, James Scanlon <scanjam@xxxxxxxxxxx> wrote: > > I have a new CSG and WI setup where it all works on the inside of the > network via CSG (users can all get the correct CSG address in the ICA files > etc and launch apps) then i see sessions running via csg > > Both CSG and WI are running on the same box with WI configured as indirect > mode > > If however we try this from the internet with just port 443TCP forwarded we > get 'this page cannot be displayed' > This is actually the second firewall we have tried both with the same > result. > > Testing the STA's i get http 400 - Bad request (shouldnt it be resource not > allowed?) though all green ticks in the ~SG Diagnostics > > The Secure gateway was filling the logs with BAD tickets and other crap > about the server xml is not able to process requests - but this server was > removed AGES ago...? > > HELP!! Our client is extremely p1ssed that they have replaced their > firewall for nothing and the CSG still isnt working... > Surely if it works inside then it must simply be a firewall / network > issue? > And even if it is a citrix misconfig issue why doesnt the page load at > all?? Usually we get the first page but then the apps wont launch or the > user cant log in? > > SCANJAM > > > ------------------------------ > Check out the latest features today Get more out of > Hotmail<http://windowslive.ninemsn.com.au/hotmail/article/878466/your-hotmail-is-about-to-get-even-better> > > > > ------------------------------ > Check out Domain Radar NOW! A world FIRST in property search has > arrived!<http://clk.atdmt.com/NMN/go/157631292/direct/01/> >