[THIN] Re: published apps through firewall.

• From: "Joe Shonk" <JShonk@xxxxxxxxxxxxxx>
• To: <thin@xxxxxxxxxxxxx>
• Date: Thu, 26 Dec 2002 14:03:29 -0800

You do need one external IP address for each MF server, unless your are =
doing port translation (not recommended).

Also, consider using CSG...  In this case you will not need altaddr and =
you will only need to expose one IP address for CSG (and one for NFuse)  =
That will cover your entire farm.

Joe

-----Original Message-----
From: Paul Beckman [mailto:pbeckman@xxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, December 24, 2002 1:02 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: published apps through firewall.



I should not have to add a public address for all the servers.  it =3D
should only have to have one address.  Remember...  If I stop the IMA =
=3D
service and then restart it will allow you to connect once but not =3D
twice.... =3D20

-----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]
Sent: Tuesday, December 24, 2002 1:30 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: published apps through firewall.



Make sure that ALL of your MetaFrame servers have a NAT address on your
firewall, and that you have added the ALTADDR command to ALL of your
MetaFrame server with the correct IP address.  If you are doing PAT on
your firewall, make sure your ALTADDR command's IP address is in the
form of www.xxx.yyy.zzz:pppp, where pppp is the port number.  This goes
for any servers that are in any other Zone's, and any other 1.8 servers
that are "part" of the same farm, even if there are legacey 1.8 servers
that are connected with a license gateway.

Chris

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Paul Beckman
Sent: Tuesday, December 24, 2002 11:09 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: published apps through firewall.



yeup I have done it all.

-----Original Message-----
From: Joe Shonk [mailto:JShonk@xxxxxxxxxxxxxx]
Sent: Tuesday, December 24, 2002 11:36 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: published apps through firewall.



And Paul,  in addition to what Chris mentioned.  You will also need to =
=3D
=3D3D
=3D3D3D change the port used for the server in the address list.
(HTTP/HTTPS) =3D3D =3D3D3D under the connections tab.

-----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]
Sent: Tuesday, December 24, 2002 10:27 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: published apps through firewall.



Opps.  I mean the Connection Tab.

Chris

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Paul Beckman
Sent: Tuesday, December 24, 2002 9:23 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: published apps through firewall.



I have done what you suggested already...  still no good.

-----Original Message-----
From: Joe Shonk [mailto:JShonk@xxxxxxxxxxxxxx]
Sent: Tuesday, December 24, 2002 11:19 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: published apps through firewall.



A few things...

Close off ports 1604 and 80 (since you mentioned you changed the XML =3D
=3D3D3D
=3D3D3D3D3D
port)
Open up the port for XML.
Assign the public address to the firewall and translate it to the =3D3D
=3D3D3D3D3D internal ip of the server (the server should only have one =
IP
address =3D3D =3D3D3D =3D3D3D3D =3D3D3D3D3D
assigned)
Set the Altaddr on the server.

Other suggestions,  Implement SSL Relay.   Having the XML service open =
=3D
=3D3D
=3D3D3D
=3D3D3D3D
=3D3D3D3D3D
to the public will expose which application are published.

Joe

-----Original Message-----
From: Paul Beckman [mailto:pbeckman@xxxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, December 24, 2002 8:13 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] published apps through firewall.


I am running XP on W2k.
I have 1494, 1604, and 80 with a public address translated to my =3D
=3D3D3D3D3D
internal Citrix IP. I can browse the apps but get an I/O error when
trying to connect. If I put the public address in the server box on a
custom ICA connection =3D3D3D3D =3D3D3D3D3D I can connect to the =
desktop. If =3D
I =3D3D
stop =3D3D3D and restart the IMA service I can connect to the published
=3D3D3D3D3D apps =3D3D once, but if I disconnect I can not reconnect. I =
have
also put the XML port on a different port # We do not have IIS running
on this server. and I also created open ports for another server and the
same thing =3D3D3D3D3D =3D3D happens. =3D3D3D I have been on the phone =
with =3D
Citrix
and no luck. =3D3D3D3D3D20 Does anyone =3D3D have any ideas? =
=3D3D3D3D3D20 =3D
Thanks,
Paul


***********************************************=3D3D3D3D3D20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=3D3D3D3D3D20
Helpdesk is the one-stop solution for all=3D3D3D3D3D20
your server-based computing needs.=3D3D3D3D3D20 http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D3D3D3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
***********************************************=3D3D3D3D20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=3D3D3D3D20
Helpdesk is the one-stop solution for all=3D3D3D3D20
your server-based computing needs.=3D3D3D3D20 http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D3D3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
***********************************************=3D3D3D20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=3D3D3D20
Helpdesk is the one-stop solution for all=3D3D3D20
your server-based computing needs.=3D3D3D20
http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm


***********************************************=3D3D3D20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=3D3D3D20
Helpdesk is the one-stop solution for all=3D3D3D20
your server-based computing needs.=3D3D3D20
http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
***********************************************=3D3D20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=3D3D20
Helpdesk is the one-stop solution for all=3D3D20
your server-based computing needs.=3D3D20
http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=3D3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
***********************************************=3D20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=3D20
Helpdesk is the one-stop solution for all=3D20
your server-based computing needs.=3D20
http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm


***********************************************=3D20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=3D20
Helpdesk is the one-stop solution for all=3D20
your server-based computing needs.=3D20
http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=3D20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
***********************************************=20
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support=20
Helpdesk is the one-stop solution for all=20
your server-based computing needs.=20
http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm
*********************************************** 
This Weeks Sponsor: 99point9.com
The 99Point9.com Online Tech Support 
Helpdesk is the one-stop solution for all 
your server-based computing needs. 
http://www.99point9.com
************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm

Other related posts:

• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.
• » [THIN] Re: published apps through firewall.

1. Home
2. thin
3. Archive
4. 12-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---