How to block other users to access 3

[noeleon]

How to block other users to access citrix from internet.

 

[Illuvatar]

If you accept access from internet but want to make sure that not everybody gains access, make sure that you work with Explicit published apps. Do not use anonymous. Also configure security in Connection Configuration and make sure that users logon even when they come from the internet. If you want to secure everything more tighter then make sure that people who connect from the internet and who are allowed to use citrix at your company have an ip address that is allowed to get through the firewall for port 80 and 1494 (if using NFuse).

 

[Bsockel]

It depends how you are granting access to your users to access the internet. We allow some users to gain access through citrix and others not depending apon there position. This is easily fixed if you are using a proxy server. Make sure that you have port 80 in your firewall blocked for the ip address of your server first of all. Here we use NT policies to assign or not assign a proxy address depending on group membership

 

[JeffHicks]

The above suggestions are good. Additionally, I would definitely go into the connection configuration tool and disable rdp if you do not use it and set ica to only run published applications. I believe this is what illuvater was suggesting, but I wanted to spell it out clearly in case you didn't get his out of his message. This setting is under the advanced tab and says Only run published application. This will turn off the ability to make a custom ICA connection to your server. Then you can use groups to assign rights to a published desktop for admin and applications for user. I hope this wasn't repetitive.