Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations MikeeOK on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Firewalls .... again

Status
Not open for further replies.
ascotta

ascotta

Vendor
Sep 15, 2003
7,394
AU
OK here we go.

Borderware firewall.

Can only connect to the 1 server to run my apps.
Does not load balance.

WIN2K sp3.

XPa farm running at fr2. SQL data store on another box.

secure gateway used and STA and nfuse all on separate boxes.

I believe we have SG and NFUSE(IIS) outside firewall STA and MF farm inside.

1) what is the correct positioning of these servers.
(by correct I mean working).

2) Anyone with borderware experience ?
3) Why won't it load balance ?

My understanding is that with this scenario I can have secure port from client direct to MF farm is that so ?

Am I a complete divvy. If anyone can point me at a non citrix site explanation (they assume too much and have gaping holes in the documentation) or can someone give me a nice and simple (no big words or assumptions) step by step blow by blow explanation as to the black magic that is this subject. My simpleton understanding is obviously confused.
 
Sort by date Sort by votes
Are you using Citrix or Microsoft Load Balancing?

Ideal setup =

Firewall 1 (outside)
:port 443: CSG server + CSG-Enabled NFuse server (Inside DMZ)
:port 1494 to MF Farm and Port 80 (or whatever) to XML Service)
:STA and MF Farm (Behind Firewall 2).

If you can connect and run a single Published App, this is probably set up OK already.

I don't believe you need Borderware experience per se (mine is limited!), just the correct ports open.

Hope this is helpful

 
Upvote 0 Downvote
Are you using Citrix or Microsoft Load Balancing?

Now there is a question.

We have several xp servers in the farm and XPa therfore Citrix load balancing is in place and works great on the LAN.

I thought there was no real thing called Microsoft load balanacing and it was just a flukey function of DNS round robin. call several machines ica.wherever.whatnot and it should work.

As I said we can connect to one server and not the rest. However if we change to port 1495 it works but obviously lan users get a tad cheesed off.

Cheers Scott.
 
Upvote 0 Downvote
Well Microsoft call it Load Balancing ;-)

If you've got Citrix LM in place, then the farm should be working on the rules you set to determine the server with the lowest load at the point of connection.

Remember that Load Management only works with published applications. If you just want to connect to server desktops, then publish the desktop.

Hope this helps

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Juandaman81
  • Locked
  • Question
me again
Replies
2
Views
98
Juandaman81
Juandaman81
tasminracer
  • Locked
  • Question
Backup Software (again)
Replies
4
Views
116
marvhuffaker
marvhuffaker
holdahl
  • Locked
  • Question
Authenticate Samba against Windows AD - problems
Replies
0
Views
64
holdahl
holdahl
davinwave
  • Locked
  • Question
Authenticate Samba against Novell NDS
Replies
0
Views
58
davinwave
davinwave
BobMCT
  • Locked
  • Question
Asked before but asking again! Samba as PDF?
Replies
0
Views
32
BobMCT
BobMCT

Part and Inventory Search

Sponsor

Back
Top