Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SSL relay question

Status
Not open for further replies.

999Dom999

Technical User
Apr 25, 2002
266
GB
Our salesman want to be able to access citrix from anywhere, and would like to access from any internet access facility, the only problem being firewalls. Currently they use vpn and citrix which works ok with their laptops but they might be using other computers.

So I guess using the ssl relay will give them access using ssl so near enough anywhere with internet access should work.

I know ssl uses certificates but is this in between the webserver and citrix server? or does the client need a certificate to gain access? If they do then this won't provide what I need, if they don't need a certificate then this should be exactly what I need.

If it dosen't do what I want, do you know any alternatives? Main thing is easy access from anywhere with some level of security?

Are there any guides for setting up the ssl relay using Metaframe XP and windows 2000 server?

Thanks in advance [pipe]
 
I'd of thought that rather than the SSL causing you issues it would be TCP port 1494 being closed on the Firewalls.

Also, you say you use VPN, can I read into it that if you are at home and dial up your ISP, you can connect to your Citrix servers without VPN and it's client running?

Cheers,
Carl.
 
Citrix Secure Gateway is designed just for that scenario. We have it installed at several client locations and it works great.

Coty
 
The users when at home use a vpn then connect. I don't want to just open up port 1494 as its not secure, but I basically want to be able to walk into say an internet cafe and log on to citrix, if its using ssl then I can see it working, but its just the certifcate thing I am not sure on.

Coty is citrix secure gateway part of the normal citrix installation or an addon product, and is this anything to do with SSL relay - sorry me a citrix newb !
 
Design question - Citrix SG or SSL Relay?

Hi, I have been handed a partially-built/tested Nfuse to Metaframe pilot and been asked to secure it. The software version is XPa, FC2. The Nfuse server is a Win2k, 400 MHZ single processor with a GIG of RAM (in the DMZ). We don't want our clients to require opening any additional ports on their firewall (just 443). Our initial thought was to go with SSL Relay. We bought one certificate for Nfuse and weren't sure if we needed another for the Metaframe or SSL Relay (this server sits inside the network). After further reading, it seems like the SG option would be best. Is the overhead too much for the Nfuse server? Will clients experience a lag? How many certs do I need with SG vs. SSL Relay? I just want to get my design down before moving forward. Any document links would be very much appreciated.
JB111
 
SG without doubt, look on Citrix web site there are good admin guides there for it.

[blue]Arguably the best cat skinner around ! [/blue]

Cheers
Scott
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top