[THIN] Re: Watchguard
- From: "Brian Politis" <bpolitis@xxxxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Thu, 12 Sep 2002 18:51:06 -0400
For port 8080 you'll need to create custom policy. Then set it up for
NAT on the external Ips to the internal. Since 8080 is a non-standard
port, I don't think the WG has a standard policy to cover it.
-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Tyler Kinchen
Sent: Thursday, September 12, 2002 5:02 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Watchguard
Call me crazy but is there a rule in the firewall allowing the
traffic = on port 8080 through as web traffic (and to the Citrix
servers)? If so, = I would definitely eyeball the logs on the firewall
when a connection is = being made and figure out what rule is dropping
that connection. HTH.
Regards,
Tyler Kinchen
tkinchen@xxxxxxxxxxxxx
> -----Original Message-----
> From: Carl Arnoult [mailto:CArnoult@xxxxxxxxxxxxxxxxxxxxx]
> Sent: Thursday, September 12, 2002 4:54 PM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Watchguard
>=20
>=20
>=20
> I have the regular Citrix services set up in the Watchguard=20 for
>ports =3D 1494 and 1604. That part works fine, it's the TCP/IP +
>HTTP=20 port 8080 =3D
> traffic that is being blocked.
>=20
> -----Original Message-----
> From: Evan Mann [mailto:emann@xxxxxxxxxxxx]
> Sent: Thursday, September 12, 2002 1:48 PM
> To: 'thin@xxxxxxxxxxxxx'
> Subject: [THIN] Re: Watchguard
>=20
>=20
>=20
> Sounds like your not allowing ICA traffic. 1494 TCP. There=20
> is a citrix
> service default for this. Add that and setup the appropriate NAT.
>=20
> -----Original Message-----
> From: Carl Arnoult [mailto:CArnoult@xxxxxxxxxxxxxxxxxxxxx]
> Sent: Thursday, September 12, 2002 4:42 PM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Watchguard
>=20
>=20
>=20
> Any Citrix shops out there that are also utilizing a=20
> Watchguard Firebox =3D
> =3D3D
> for your firewall? We've configured our 2-server Citrix farm=20
> (MF XPa) =3D
> =3D3D
> to use port 8080 for XML TCP/IP traffic. I need to configure the =
=3D3D
> firewall to pass this traffic from specific external IP=20 addresses
> for =3D =3D3D
> users working from home. Thus far I've configured the Citrix=20
> servers =3D
> =3D3D
> with ALTADDR for the appropriate public IP addresses and=20
> configured the =3D
> =3D3D
> user's client Firewall setting to use the Alternate Address. I've =
=3D3D
> created a Watchguard service with a static NAT from the=20 appropriate
> =3D3D public IP address to the corresponding internal IP for the
> Citrix =
=3D3D
> servers. However the Watchguard is blocking this traffic=20 when I
>attempt =3D =3D3D
> to connect from one of the "allowed" remote workstations. =3D3D20
>=20
> Thanks...
>=20
> Carl Arnoult
> Elder Care Alliance
> 510.434.2805
>=20
**********************************************
This weeks sponsor 99Point9.com
99Point9 helps solve your unresolved technical
server-based questions, issues and incidents. http://www.99point9.com
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
**********************************************
This weeks sponsor 99Point9.com
99Point9 helps solve your unresolved technical
server-based questions, issues and incidents.
http://www.99point9.com
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
Other related posts: