Nfuse 1.7 though a firewall

[mrpeashop]

I work for a blue chip company and as such they have numerous ports blocked on their firewall and also they block perfectly reasonable web sites webmail etc. I had a great idea to get round this but it seems to be failing at the last hurdle, this is my plan:

At home behind a router I have a W2K server SP3 Citrix XP Nfuse 1.7 internet explorer version 6 published and port mapping on the router on port 80

Remotely coming through a firewall (from work) I can see the Nfuse default logon page I can logon fine and see the published application (IE) but when I try to start IE the initial logon starts but then I get the classic "Can not connect to the Citrix MetaFrame server the Citrix MetaFrame server you have selected is not accepted connections"

Do I need another port forwarded or worst another port open on the company firewall?

If I run the same thing locally the IE fires up first time which suggests this is a network issue of some type

 

[Ogi]

Open the following on your own firewall:-

TCP 1494
UDP 1604

Then from an internet connection (a friend or cafe) try to connect to your nfuse and then select your published app, it "should" work!

From work, it probably won't, due to the above, but worth testing!

Cheers,
Carl.

 

[paintballer]

You could also try changing the "transport type" in the Nfuse Admin webpage to "https", as most firewalls will allow that port. You could also try setting up a Citrix Secure Gateway solution, and just sell you administrators on the fact that it's secure, and they should allow whatever ports you need. (Probably a tough sell, I know...)

Good luck.

 

[mrpeashop]

Thanks for everyone's help thus far, however as you can surmise form this entry all is still not well. I do however have extra information which may shed some light on the issues.

I am only using Nfuse as I thought this would negate the need for using port 1494 this I now think is not true. Must I use a ICA port either 1494 or other?

I have port scanned company firewall and the only ports open are:
80 http-www
8080 http-proxy
If I were to port forward these on my home router and connect via an ICA client using HTTP/TCP protocol would I connect or must I have a ICA port?

I did try this, port forwarded at home on 8080 and changed the ICA port on the Citrix box to 8080 and tried to connect from work defining 8080 on the client connection did not work

 

[Ogi]

No, as far as I know, TCP Port 1494 does need to be open, you may not need UDP Port 1604 open as you are not using Citrix Program Neighborhood.

Have you tried connecting from anywhere other than your office? And does that work?

Cheers,
Carl.

 

[xs4citrix]

NFuse if the webbased version of the program neighbourhood client, and does not turn citrix traffic from 1494 to 80.
If port 1494 is a problem, i would suggest that you take a look at Citrix Secure Gateway, which tunnels all traffic through port 443 (same as https pages).
CSG is free for Subscription Advantage users, and can be downloaded form

http://www.mycitrix.com.

If that is not an option, then yes; just run the icaport command to turn 1494 into 8080, and alter the following line in your template.ica file of the nfuse server from:

Address=[NFuse_AppServerAddress]

into:

Address=[NFuse_AppServerAddress]:8080

http://www.printingsupport.com

Free citrixprinting support