[THIN] Re: Nfuse in a back-to-back DMZ
- From: "Stuart Pittwood" <SPittwood@xxxxxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Tue, 10 Jun 2003 16:11:16 +0100
It's all working now.
Thanks for all your input everyone it is much appreciated.
Stu P
-----Original Message-----
From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx]=20
Sent: 10 June 2003 15:54
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Nfuse in a back-to-back DMZ
Make sure to right click on the icon for the app and save the ICA file.
Edit it in notepad and see what IP address you are getting there. Verify
it is the one you can telnet to from the internet.
Ron Oglesby
Senior Technical Architect
=3D20
RapidApp
Office 312.372.7188
Mobile 815.325.7618
email roglesby@xxxxxxxxxxxx
=3D20
-----Original Message-----
From: Stuart Pittwood [mailto:SPittwood@xxxxxxxxxxxxxxxxx]=3D20
Sent: Tuesday, June 10, 2003 9:43 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Nfuse in a back-to-back DMZ
Ron,
Thanks for the reply it was incredibly helpful and I think I'm almost
there with this setup.
Now everything is setup I can telnet into the metaframe server from the
internet on ports 1494 & 8081 (our XML port).
The web pages enumerate the application list and generate the webpages.
However, when I try to run one of the apps. I get "The citrix metaframe
server you have selected is not accepting connections".
Both the server is active and listening and logons are enabled.
Can anyone tell me where the problem could lie?
Any input appreciated
Stu Pittwood
-----Original Message-----
From: Ron Oglesby [mailto:roglesby@xxxxxxxxxxxx]=3D3D20
Sent: 10 June 2003 15:01
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Nfuse in a back-to-back DMZ
Comments in line:
In a back-to-back DMZ where both firewalls are performing NAT what
should the alternate address on the metaframe farm be? the address the
address on the internal firewall or the address on the external
firewall?
=3D3D3D20
Depends: If the servers are behind the second firewall and the first
(outside) nats to an address that the second (inside) then NATs again
and the clients are connecting via this NAT string and not via the CSG
then the OUTSIDE address of the NAT on the outside firewall is the
altaddr. This is the address that the client (over the internet) will
route to.
If they are using the CSG then some NAT and altaddr may still be
required or you may have to play with XML DNS name resolution
Also, in the Nfuse.conf file what should the serve be specified as?
Again the address on the internal firewall or the external firewall?
HUH? If the NFUse servers are between the firewalls then use the
address that the Web server can use to reach the MF boxes. I assume the
address on the second (internal)firewall.
=3D3D3D20
Final question, is it possible for two nfuse sites to be run on one web
server looking at different addresses for the metaframe server?
Not with NFuse 1.7-1.8/2.0
Get an older copy of 1.61 with Columbia and you can copy that directory
to anywhere you want and run duplicate sites.
Ron Oglesby
Senior Technical Architect
=3D3D3D20
RapidApp
Office 312.372.7188
Mobile 815.325.7618
email roglesby@xxxxxxxxxxxx
=3D3D3D20
-----Original Message-----
From: Stuart Pittwood [mailto:SPittwood@xxxxxxxxxxxxxxxxx]=3D3D3D20
Sent: Tuesday, June 10, 2003 3:49 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Nfuse in a back-to-back DMZ
In a back-to-back DMZ where both firewalls are performing NAT what
should the alternate address on the metaframe farm be? the address the
address on the internal firewall or the address on the external
firewall?
=3D3D3D20
Also, in the Nfuse.conf file what should the serve be specified as?
Again the address on the internal firewall or the external firewall?
=3D3D3D20
Final question, is it possible for two nfuse sites to be run on one web
server looking at different addresses for the metaframe server?
=3D3D3D20
Thanks in advance
=3D3D3D20
_________________________
Stuart Pittwood, CCNA, MCSE
IT Technician
Amery-Parkes Solicitors
=3D3D3D20
********************************************************
This weeks sponsor - Emergent Online 99Point9.com
Designed to facilitate efficient resolution of your technical
server-based questions, issues and incidents, technical support is a few
mouse-clicks away: you submit your incident-specific support requests
via our online support helpdesk, our certified engineers resolve them
while you monitor the progress, and your systems get back to 99.9%
up-time in no time.
http://www.99point9.com=3D3D3D20
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
For Archives, to Unsubscribe, Subscribe or=3D3D3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor - Emergent Online 99Point9.com
Designed to facilitate efficient resolution of your technical
server-based questions, issues and incidents, technical support is a few
mouse-clicks away: you submit your incident-specific support requests
via our online support helpdesk, our certified engineers resolve them
while you monitor the progress, and your systems get back to 99.9%
up-time in no time.
http://www.99point9.com=3D3D20
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
For Archives, to Unsubscribe, Subscribe or=3D3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor - Emergent Online 99Point9.com
Designed to facilitate efficient resolution of your technical
server-based questions, issues and incidents, technical support is a few
mouse-clicks away: you submit your incident-specific support requests
via our online support helpdesk, our certified engineers resolve them
while you monitor the progress, and your systems get back to 99.9%
up-time in no time.
http://www.99point9.com=3D20
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor - Emergent Online 99Point9.com
Designed to facilitate efficient resolution of your technical
server-based questions, issues and incidents, technical support is a few
mouse-clicks away: you submit your incident-specific support requests
via our online support helpdesk, our certified engineers resolve them
while you monitor the progress, and your systems get back to 99.9%
up-time in no time.
http://www.99point9.com=20
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This weeks sponsor - Emergent Online 99Point9.com
Designed to facilitate efficient resolution of your technical server-based
questions, issues and incidents, technical support is a few mouse-clicks away:
you submit your incident-specific support requests via our online support
helpdesk, our certified engineers resolve them while you monitor the progress,
and your systems get back to 99.9% up-time in no time.
http://www.99point9.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Other related posts:
