Allow thru Firewall

Status
Not open for further replies.

lstresrt

IS-IT--Management
Sep 2, 2004
5
US
I want to allow users to access our Citrix servers from home. I can punch a hole thru my Watchguard Firewall to allow Citrix TCP port 1494 thru.

Is this safe?

How would you set this type of access up?
 
Check this out


Install Web Interfaces on a server in the DMZ, open port 443 to it. (This is the address your users will connect to) Allow 1494 access from the DMZ to the Internal network where your Citrix boxes reside.

You'll need Certificates, either 3rd party or your own (If own, you'll need to have all users install the "root" certificate on their local PCs.)

If you need more info, let me know.

JD
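
Added example, not part of the thread: a small Python check that compares a rule set with the layout JD describes (443 from the Internet to the Web Interface in the DMZ, 1494 only from the DMZ to the internal network) and with the direct 1494 opening from the original question. The zone names, the `Rule` tuple and the first-match evaluation are assumptions for illustration and are not WatchGuard syntax.

```python
from typing import NamedTuple, Union

ICA, HTTPS = 1494, 443  # ports named in the thread

class Rule(NamedTuple):
    src: str               # source zone, or "any" (hypothetical zone names)
    dst: str               # destination zone, or "any"
    port: Union[int, str]  # TCP port, or "any"
    action: str            # "allow" or "deny"

def decide(rules, src, dst, port):
    """First matching rule wins; unmatched traffic is denied."""
    for r in rules:
        if r.src in (src, "any") and r.dst in (dst, "any") and r.port in (port, "any"):
            return r.action
    return "deny"

def internet_exposure(rules):
    """(zone, port) pairs that an Internet host can reach."""
    return {(dst, port) for dst in ("dmz", "internal") for port in (HTTPS, ICA)
            if decide(rules, "internet", dst, port) == "allow"}

def audit(rules):
    """List every way the rule set departs from the DMZ layout."""
    findings = []
    exposed = internet_exposure(rules)
    # Only tcp/443 to the DMZ should be reachable from outside.
    for dst, port in sorted(exposed - {("dmz", HTTPS)}):
        findings.append(f"internet can reach {dst} on tcp/{port}")
    if ("dmz", HTTPS) not in exposed:
        findings.append("tcp/443 to the DMZ Web Interface is not open")
    if decide(rules, "dmz", "internal", ICA) != "allow":
        findings.append("DMZ cannot reach internal Citrix servers on tcp/1494")
    return findings

# Constructed rule sets: the hole from the question, then the DMZ layout.
DIRECT_HOLE = [Rule("internet", "internal", ICA, "allow")]
DMZ_LAYOUT = [Rule("internet", "dmz", HTTPS, "allow"),
              Rule("dmz", "internal", ICA, "allow")]

if __name__ == "__main__":
    for name, rules in (("direct hole", DIRECT_HOLE), ("DMZ layout", DMZ_LAYOUT)):
        print(name, "->", audit(rules) or "matches the DMZ layout")
```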
 
We are having a similar issue where we have everything set up on our firewall. We get IP addr ranges from the "customers" that need to connect to our Citrix farm. The majority of the time we encounter a problem on the customer's side where their security team does not allow outgoing traffic on port 1494. This creates a lot of confusion for the end-user and then the Security teams need to get involved and the whole process is tedious explaining how this needs to be set up in order for the users to connect to our Citrix farm. Is there a workaround I can use to avoid this problem???
Desperate.
Steve C

Scover@ciena.com
 
If you set up Secure Gateway, the only port that needs to be open on the client's side is 443.
 
Secure Gateway is an add-on product from Citrix.

Arguably the best cat skinner around!

Cheers
Scott
 
This is how I did it.

I am having my outside users connect with PPTP VPN connection and authenticate to our Watchguard Firewall. Once they authenticate to the firewall they must log on to our domain.

It works, seems to be safe.
 