Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Error after change to https access only 1

Status
Not open for further replies.
zacca

zacca

Technical User
Dec 25, 2003
333
HK
Hi there,

I would like to open citrix access via public internet, but got some problem, would like your help.
Info:
-w2k3 server + iis6 + citrix xp fr3
-iis6 only allow https traffic
-client will only use webclient to access citrix
-firewall opened 443 & 1394 for public access

After user hit url & type the info of username/pwd/domain, at "metaframe xp message center" it said "ERROR: The Citrix MetaFrame servers cannot process your request at this time. The Citrix MetaFrame servers sent HTTP headers indicating that an error occured. 401 Unauthorized"

The same error also happened even hit the citrix server via internal lan.

If I enable http access to IIS & hit the citrix server via didn't have such problem.

Wondering if this is an IIS issue or Citrix issue? Any suggestion to fix it? What I want to achieve:
-only allow https access to IIS
-user can web-access citrix via public internet

Thanks so much for the help!
 
Sort by date Sort by votes
no, i'm not using secure gateway, just want to simply enable & default to ssl on the iis, so citrix web access also be ssl, many thx!
 
Upvote 0 Downvote
i thought you needed port 1494 open in the first instance? However i tried a similar setup (without secure gateway) and it continually failed due to NATTing problems.

Essentially the client ICA file that is sent to the "client machine" contains the ip address of the internal server network (192.168.x.x) and not the external web address...

You might be able to try altaddr X.X.X.X (and enter the external of the citrix server??)

See it that helps?
 
Upvote 0 Downvote
hi scanjam,

already set the altaddr x.x.x.x & opened oprt 1494

that error msg only happened when i force iis to accept https request only, if i set iis to accept http/https request, i didn't have that error message
 
Upvote 0 Downvote
To use https with Web Interface, you need an SSL proxy, like Secure Gateway.

At least, that's what I've been told ;-)

 
Upvote 0 Downvote
I use the setup you described and it works great! The only thing you cannot do is FORCE SSL on the box. What I did to get around this was to just redirect through IIS, all clients from the NFUSE.htm page to go to the page and this works everytime. But you must only redirect Nfuse.htm and not the whole directory for it will not work. Been using this setup for a year and no problems. The NAT thing was a little tough at first but we use NAT no problem now. Hope that helps.

-Wes
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

gazonk.del
  • Locked
  • Question
How to Copy save_set from Tape to Disk -- Continuation
Replies
0
Views
197
gazonk.del
gazonk.del
wavestar69
  • Locked
  • Question
Trouble starting WinFrame 1.7 after replacing server
Replies
0
Views
208
wavestar69
wavestar69
bdeal4122
  • Locked
  • Question
Remote Access
Replies
2
Views
184
bdeal4122
bdeal4122
DreemaGurl
  • Locked
  • Question
Can't log on to Citrix through emote access portal
Replies
1
Views
388
ntinlin
ntinlin
joemamps
  • Locked
  • Question
Netware 5 slow btrieve transaction after nw50sp6a update.
Replies
1
Views
181
Provogeek
Provogeek

Part and Inventory Search

Sponsor

Back
Top