Watchguard Firebox logs are very good for Firebox series. The SOHO's leave a little to be desired unless your logging to a log server. But I suggest checking those out. You will be able to monitor real time exactly what ports/IPs to/from are being block and be able to see what's going wrong. -----Original Message----- From: Carl Arnoult [mailto:CArnoult@xxxxxxxxxxxxxxxxxxxxx] Sent: Thursday, September 12, 2002 4:54 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Watchguard I have the regular Citrix services set up in the Watchguard for ports = 1494 and 1604. That part works fine, it's the TCP/IP + HTTP port 8080 = traffic that is being blocked. -----Original Message----- From: Evan Mann [mailto:emann@xxxxxxxxxxxx] Sent: Thursday, September 12, 2002 1:48 PM To: 'thin@xxxxxxxxxxxxx' Subject: [THIN] Re: Watchguard Sounds like your not allowing ICA traffic. 1494 TCP. There is a citrix service default for this. Add that and setup the appropriate NAT. -----Original Message----- From: Carl Arnoult [mailto:CArnoult@xxxxxxxxxxxxxxxxxxxxx] Sent: Thursday, September 12, 2002 4:42 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Watchguard Any Citrix shops out there that are also utilizing a Watchguard Firebox = =3D for your firewall? We've configured our 2-server Citrix farm (MF XPa) = =3D to use port 8080 for XML TCP/IP traffic. I need to configure the =3D firewall to pass this traffic from specific external IP addresses for = =3D users working from home. Thus far I've configured the Citrix servers = =3D with ALTADDR for the appropriate public IP addresses and configured the = =3D user's client Firewall setting to use the Alternate Address. I've =3D created a Watchguard service with a static NAT from the appropriate =3D public IP address to the corresponding internal IP for the Citrix =3D servers. However the Watchguard is blocking this traffic when I attempt = =3D to connect from one of the "allowed" remote workstations. =3D20 Thanks... Carl Arnoult Elder Care Alliance 510.434.2805 ********************************************** This weeks sponsor 99Point9.com 99Point9 helps solve your unresolved technical server-based questions, issues and incidents. http://www.99point9.com *********************************************** For Archives, to Unsubscribe, Subscribe or=20 set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm ********************************************** This weeks sponsor 99Point9.com 99Point9 helps solve your unresolved technical server-based questions, issues and incidents. http://www.99point9.com *********************************************** For Archives, to Unsubscribe, Subscribe or=20 set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm ********************************************** This weeks sponsor 99Point9.com 99Point9 helps solve your unresolved technical server-based questions, issues and incidents. http://www.99point9.com *********************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm ********************************************** This weeks sponsor 99Point9.com 99Point9 helps solve your unresolved technical server-based questions, issues and incidents. http://www.99point9.com *********************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link. http://thethin.net/citrixlist.cfm