It begins to tunnel (wrap) the ICA traffic in SSL. This SSL stream is sent to the CSG where it is decrypted and forwarded as ICA (tcp 1494) traffic to the MetaFrame servers. Ron Oglesby Senior Technical Architect RapidApp Office 312.372.7188 Mobile 815.325.7618 email roglesby@xxxxxxxxxxxx -----Original Message----- From: Henske, Jennifer [mailto:Jennifer.Henske@xxxxxxxxxxxxx] Sent: Wednesday, July 16, 2003 3:25 PM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Client issue: Using Nfuse via SSL We are providing an app to other companies and a few are having problems opening up apps. Config - activex client/CSG/STA/NFUSE/MF FR3. Latest versions of all. They get the launch.ica file, but the app does not open, ssl errors pop up in the Nfuse message center. We think their proxy is refusing to connect the client through. Note - opening up 443 in their firewall to our CSG fixes the problem. Is that the only way to fix it? What exactly happens when the user clicks that launch.ica file? Is it still using https? Or is it TCP? If it is https, they don't seem to be using the proxy config on the browser any longer, looks like the client is trying to connect right to the CSG. Or could it be that they still using the browser proxy config, but the proxy isn't allowing the tcp request (vs. https). Any ideas? It's hard for us to troubleshoot from our end - especially since most of the tech guys at the client sites don't have access to their proxy/firewall configs. Jennifer Henske AG Edwards Technology Group ************************************************************************ *********** WARNING: All e-mail sent to and from this address will be received or otherwise recorded by the A.G. Edwards corporate e-mail system and is subject to archival, monitoring or review by, and/or disclosure to, someone other than the recipient. ************************************************************************ ************