OK, I have beating my head on this for too long now I’m really hoping somebody might shed some light on this issue. I have an existing Citrix farm setup with published applications and web access. Until recently users were able to VPN into our network an access the Citrix resources with no issues, then I implemented a new VLAN because we were running out of IP address. Users on the same subnet as the Citrix farm can access the Citrix resources as well as non-VPN users that access the Citrix farm via SSL web. Now that the new VLAN has been implemented and the VPN gives out 10.1.1.x IP address users are unable to access Citrix resource via web or meta frame client.
Originally I thought I may have been a routing issue (which it still could be but I don’t see it.) because once a user connects via VPN they receive a 10.1.1.x IP address and have access to all resources on the 131.107.2.x network via even Terminal services. Which leads me to believe it may be something else.
Here is a really odd thing; while connected the network via VPN and having an IP on the 10.1.1.x network If I create a local Citrix connection through the meta frame client I can see the published apps and servers but if I attempt to connect using the web it returns an error stating that the meta frame server doesn’t exists on the specified address. (Remember I CAN connect via web if I am not connected to the network via VPN.) But I do have to change the connect protocol to TCP/IP instead of HTTP + TCP/IP for that to work.
Current network layout:
Citrix farm:
CitrixWeb_server1 131.107.2.11
Citrix _server1 = 131.107.2.13
Citrix _server2 = 131.107.2.14
---
VPN switch 10.1.1.4
VPN user 10.1.1.x
I read somewhere that the client will automatically perform a broadcast for a master browser so I have setup one of out domain controllers has a mutli-homed server
DC1_server 131.107.2.12 and 10.1.1.12
I have created a static WINS and DNS entry for ICA pointing back to the first Citrix server (Citrix _server1 = 131.107.2.13) and added new access-list to the default gateway router to permit ALL UPD traffic.
Wow sorry for the long post but I hope I m just missing something simple.
Thanks
TalenX
Originally I thought I may have been a routing issue (which it still could be but I don’t see it.) because once a user connects via VPN they receive a 10.1.1.x IP address and have access to all resources on the 131.107.2.x network via even Terminal services. Which leads me to believe it may be something else.
Here is a really odd thing; while connected the network via VPN and having an IP on the 10.1.1.x network If I create a local Citrix connection through the meta frame client I can see the published apps and servers but if I attempt to connect using the web it returns an error stating that the meta frame server doesn’t exists on the specified address. (Remember I CAN connect via web if I am not connected to the network via VPN.) But I do have to change the connect protocol to TCP/IP instead of HTTP + TCP/IP for that to work.
Current network layout:
Citrix farm:
CitrixWeb_server1 131.107.2.11
Citrix _server1 = 131.107.2.13
Citrix _server2 = 131.107.2.14
---
VPN switch 10.1.1.4
VPN user 10.1.1.x
I read somewhere that the client will automatically perform a broadcast for a master browser so I have setup one of out domain controllers has a mutli-homed server
DC1_server 131.107.2.12 and 10.1.1.12
I have created a static WINS and DNS entry for ICA pointing back to the first Citrix server (Citrix _server1 = 131.107.2.13) and added new access-list to the default gateway router to permit ALL UPD traffic.
Wow sorry for the long post but I hope I m just missing something simple.
Thanks
TalenX