Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

NFuse Connectivity

Status
Not open for further replies.
ascotta

ascotta

Vendor
Sep 15, 2003
7,394
AU
I am being driven round the wall here.
I have a web server in a DMZ.
I have 3 citrix servers on my LAN only one of which I want exposed.
I can get to the web server http & https with certificates.
But I keep getting citrix server cannot resolve name when I log in.
I have a translation between firewall and lan on port 80 for the citrix server ie citrix server has a DMZ address. I have an altaddr for the citrix server, which is an outside address(not DMz)

Another question that will come up is how the devil do I authenticate users to the domain. Its an outside company that deal with the Firewall/DMZ

kinda like

outside | DMZ | LAN
everyone | web server| Citrix

I will be putting Secure gateway and Sta in but I need to know I have basic connectivity first.

What the devil am I doing wrong.



Cheers
Scott
 
Sort by date Sort by votes
Do you have port 1494 open for ICA and 443 for SSL? Without CSG you will also need to open some ports >1023 inbound for connections.

 
Upvote 0 Downvote
Hi CitrixEngineer,

Yes I asked for 1494 to be open, whats 1023 for ?
But these firewall guys are a bit anal with letting me know what is open and what is not.

I think I want 1495 open all the way through to the LAN.
They have mapped me my Citrix server to the DMz on port 80 so i can ping the Citrix server from my web server. Really wish I knew what I was doing with this firewall stuff. Many other sites I've done piece of cake no DMZ tho.


Cheers
Scott
 
Upvote 0 Downvote
Until you start using CSG, you need an inbound TCP connection to your NFuse server.

When you have CSG in place, you can just use secure port 443.

 
Upvote 0 Downvote
since your getting the "citrix server cannot resolve name" error it souds like an SSL/DNS error.

SSL requires FQDN's.

If your outside users are using someone elses DNS they may not be able to resolve the FQDN of the server.

Since you haven't configured CSG yet did you select SSL/TLS on the published applications properties?

If your SSL certs are configured correctly you can test this theory by using a host file on the client side to enumerate the fqdn.

Tony
 
Upvote 0 Downvote
Not using SSL at present.
Will set this up once connectivity in place.


Yes I assume it is something like that although because I am not using SSL yet then I should be able to get through the firewall, once set up I should then just have to change a couple of things and bobs your uncle.

Certificates are ready to go when connectivity up and running.

As I explained, probalbly badly, I am not in charge of the firewall. I cannot change stuff on the fly.

I have 80 open to nfuse/Web server. I have 1494 open to DMZ,
I have 443 and 444 open to DMZ. I have citrix server mapped to DMZ, on port 80. Any further ideas.

NB SSL not an issue at present its not switched on.

Cheers
Scott
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

aircraftcarrier
  • Locked
  • Question
Application Connectivity in Presentation sever 4
Replies
2
Views
67
aircraftcarrier
aircraftcarrier
JManley1116
  • Locked
  • Question
NFUSE ICA Web Client Install
Replies
0
Views
114
JManley1116
JManley1116
scanjam
  • Locked
  • Question
Device connectivity for USB support?
Replies
0
Views
50
scanjam
scanjam
karock
  • Locked
  • Question
User can not log into nfuse
Replies
2
Views
135
enigma99
enigma99
AdminDragon
  • Locked
  • Question
Citrix XPa Unspecified Error in NFUSE user log in
Replies
1
Views
102
krazykatz
krazykatz

Part and Inventory Search

Sponsor

Back
Top