Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SSL Error after upgrade to ICA 8.0 client

Status
Not open for further replies.
nix45

nix45

MIS
Nov 21, 2002
478
US
MetaFrame XP FR3/SP3
Windows 2000 SP4

I updated the ICA Client Update Database with the newest ICA 8.0 clients for both Windows and Linux. After each home user is automatically upgraded to 8.0, they can no longer connect to any published apps via SSL over the internet. The published apps are enumerated without a problem when setting up the ICA connection, so it doesn't seem to be an SSL issue since the client obviously does trust the certificate that is presented to it. When you try to connect to the app, after about 20 seconds you get "Cannot connect to the Citrix MetaFrame server. There is no Citrix SSL server configured on the specified address".

I ran a network protocol analyzer on the workstation while the client was trying to connect. I see that it makes a connection to the outside of our firewall on port 443, and then actually does connect to the MetaFrame server on its local IP (192.168.0.x) before the connection is dropped.

Everything works perfect using any client older than 8.0.

Any ideas?

Thanks,
Chris

 
Sort by date Sort by votes
fyi, this problem only exists on the Windows machines. The Linux machines work fine via SSL after the auto-upgrade.
 
Upvote 0 Downvote
not sure if this is normal or not, but I just realized that every time I initiate the SSL connection, in Event Viewer two events pop up every time...

Source: ServiceControlManager
EventID: 7035
The Telephony service was successfully sent a start control.

Source: ServiceControlManager
EventID: 7036
The Telephony service entered the running state.


What does using the ICA client have to do with the Telephony service?
 
Upvote 0 Downvote
fyi, clients running ICA 8.0 cannot connect from the internet through our firewall, but have no trouble connecting internally via SSL. Only clients running ICA clients earlier than 8.0 can connect both ways (from the internet and from the LAN).
 
Upvote 0 Downvote
I've come up with a solution that works, and thats to downgrade and revert back to ICA 7.0 :) ICA 8.0 is very buggy. I found another bug with 8.0, except this time its ICA 8.0 for Linux. Client redirection from server to client (web browsing) does not work at all with 8.0, but once I reverted back to 7.0 everything was working again.

To anyone reading this who's running MFXP FR3, DO NOT upgrade to ICA 8.0 without fully testing it.

Chris
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

P
  • Locked
  • Question
Recovery Disc failing to verify correct PC even though it is. 2006 Palvilion a1410y
Replies
0
Views
340
PalBadium
P
gazonk.del
  • Locked
  • Question
How to Copy save_set from Tape to Disk -- Continuation
Replies
0
Views
396
gazonk.del
gazonk.del
wavestar69
  • Locked
  • Question
Trouble starting WinFrame 1.7 after replacing server
Replies
0
Views
494
wavestar69
wavestar69
joemamps
  • Locked
  • Question
Netware 5 slow btrieve transaction after nw50sp6a update.
Replies
1
Views
348
Provogeek
Provogeek
kenowens
  • Locked
  • Question
client application ramdomly creates duplicate sessions
Replies
1
Views
289
blister911
blister911

Part and Inventory Search

Sponsor

Back
Top