I've been tinkering around with an Advanced Access Control and Citrix Access Gateway 4.5 solution for our new remote access portal. I've been able to get all my customizations to the site done, and all my resources defined and showing up right for remote connecting staff, but I can't seem to get the Network resources to be passed through at all, and I feel like I'm missing something silly. As the CAG is under the control of the AAC, I edited the gateway appliance properties and setup all the "accessible networks" that we need. The subnet entries made to the gateway appliance are mirrored under the "network resources", and I know that my access policies / resource groups are also setup appropriately as my test users are otherwise able to access all the other content (file shares / websites / pub apps) assigned to them. So here's my confusion with this... According to the admin guide section on setting up network resources (pages 119-120): "The Secure Access Client software listens on the specified port." "When users connect with the Secure Access Client they can view a list of their network resources in the client properties." The secure access client software as far as I'm aware is the VPN client software typically available from your CAG via "https://<servername>/citrixsaclient.exe", but we have the AAC component in our setup which limits users direct ability to install the secure access client software (at least via the typical login to the portal) If I setup a remote system with the secure access client software for our solution and try to connect only with it I get connection errors, and a session cannot be established. Otherwise logging in via the portal page works fine for everything except for the network resources (IE - users after authentication to the portal, cannot establish any type of connection from their local machine to assigned networks) So what am I missing? With an AAC / CAG 4.5 solution how are users who are granted network resources supposed to be able to get to them? Any ideas? Thanks list, and happy friday ;) ~Lan PS - the only oddity I can think of with our setup currently is that our 4.5implementation is not using a public cert at this time (it will once it's moved into production), currently it's using a domain specific cert, but all clients systems I've been testing with Trust the cert provider. When testing with the secure access client, the property of "disable security certificate warnings" is checked.