Jay, I'm not sure I understand. Your STA is a machine, usually internal, that handles the authentication steps. It has the STA piece of Secure Gateway installed. If what you are asking about is the secure certificate(s) needed, then that is a whole different ballgame. We generate our own, but it does cause problems. They are no more or less secure than any other 128bit certificate, but you have to have your root added as a Trusted Root CA on every client machine. In some cases that is a real pain. Had I the chance to do it over again, I might choose a different route and just cough up the cash. -Paul > ---------- > From: Jensen, Jay[SMTP:jjensen@xxxxxxxxx] > Reply To: thin@xxxxxxxxxxxxx > Sent: Thursday, May 08, 2003 10:22 AM > To: 'thin@xxxxxxxxxxxxx' > Subject: [THIN] Re: NFUSE and NAT > > > This a question for all of you. > > In the Citrix Secure Gateway environment, a question came up that I would > like your expert opinions. An assumption is that we have a secure external > firewall, DMZ, and secure internal firewall. > > The Secure Ticket Authority (STA). Is it more secure to install your own > internal STA server versus using a 3rd-Party Certificate Authority from an > external secure CA? > > What are the arguments either way? > > Thanks in advance. > Jay > > -----Original Message----- > From: Stansel, Paul [mailto:Paul.Stansel@xxxxxxxxxxxxx] > Sent: Thursday, May 08, 2003 9:03 AM > To: 'thin@xxxxxxxxxxxxx' > Subject: [THIN] Re: NFUSE and NAT > > > > Sure, you will just need to use the ALTADDR for the MF servers. > > -Paul > > > ---------- > > From: Trygve Ryslett[SMTP:trygve.ryslett@xxxxxxx] > > Reply To: thin@xxxxxxxxxxxxx > > Sent: Thursday, May 08, 2003 10:00 AM > > To: thin@xxxxxxxxxxxxx > > Subject: [THIN] NFUSE and NAT > > > > > > Is this possible ? How ? > > The firm have a Cisco router with NAT, and wants to be able to reach the > > NFUSE/MF servers over NAT connection via router.. > > > > > > > > Trygve > > > > ******************************************************** > > This Week's Sponsor - Emergent Online > > EOL's Universal Printer new Features include: > > Network Printing, Pagestreaming, 2400 DPI. > > No Client Software Required! > > http://www.go-eol.com/ > > ********************************************************** > > > > For Archives, to Unsubscribe, Subscribe or > > set Digest or Vacation mode use the below link: > > http://thethin.net/citrixlist.cfm > > > ******************************************************** > This Week's Sponsor - Emergent Online > EOL's Universal Printer new Features include: > Network Printing, Pagestreaming, 2400 DPI. > No Client Software Required! > http://www.go-eol.com/ > ********************************************************** > > For Archives, to Unsubscribe, Subscribe or > set Digest or Vacation mode use the below link: > http://thethin.net/citrixlist.cfm > ******************************************************** > This Week's Sponsor - Emergent Online > EOL's Universal Printer new Features include: > Network Printing, Pagestreaming, 2400 DPI. > No Client Software Required! > http://www.go-eol.com/ > ********************************************************** > > For Archives, to Unsubscribe, Subscribe or > set Digest or Vacation mode use the below link: > http://thethin.net/citrixlist.cfm > ******************************************************** This Week's Sponsor - Emergent Online EOL's Universal Printer new Features include: Network Printing, Pagestreaming, 2400 DPI. No Client Software Required! http://www.go-eol.com/ ********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm