[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Adding a ip's to the firewall - Citrix problems
Hi, If you want to use the browsing functionallity, you have to open UDP-port 1604. "The WinFrame TCP/IP client uses the UDP (User Datagram Protocol) feature of the TCP/IP protocol suite when browsing for a WinFrame server. UDP is a connectionless mode protocol, providing a potentially unreliable, unsequenced, and/or duplicated (because it leaves these functions to other protocol layers) communications layer. The WinFrame client broadcasts UDP packets to the network with a destination address of UDP port 1604 (0644 hex) and the source address of the client is any high UDP port (any port over 1023). A WinFrame server replies with a UDP packet where the data area contains the names of the current WinFrame servers. The pull down list is built using this information. This use of UDP can be eliminated by connecting using the IP address rather than by browsing." I have some good links about citrix thorugh a firewall: http://www.citrix.com/support/solution/sol00053.htm http://ctxex10.citrix.com/texpert.nsf/2e89dc7305e02e9ba69/e9e622dbbaf8b2bbe477?OpenDocument http://www.sans.org/infosecFAQ/perimeter.htm Christian H. Jensen .................................................................................. eSec A/S - Managed Security http://www.esec.dk Telefon: +45 7020 5585 Direkte: +45 4450 2073 Mobil: +45 20192510 ..................................................................................
Seasons greetings back to you! I am also having a torrid time with Citrix connections - I currently open TCP on port 1494 with ranges from 1024 to 65535. I've also heard that you need to add the NBT group of services and something else?? Does anyone else know what services I need for this connecting to get through? Thanks, Jonathan PS: I'm a FW4.0 - Sun Ultra 10's and Nokia 330's/440's -----Original Message----- From: Skip Lawrence - ext. 8972 [SMTP:[email protected]] Sent: Wednesday, December 20, 2000 2:41 PM To: 'Fw-1-Mailinglist (E-mail) Subject: [FW1] Adding a ip's to the firewall Seasons greetings to all out there . We have just created two new Citrix Servers. I have added them to the Citrix group on the firewall. and Verified them and pushed them to the firewall . For some reason it works on the Internal side . But the outside folks can not get into the two new Citrix Servers . This is a NT Shop. Thank you . ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== CONFIDENTIALITY: The information in this e-mail and any attachment is confidential. It is intended only for the named recipient(s). If you are not a named recipient, please notify the sender immediately and do not read, use, copy or disseminate this information. CONDITIONS: Any offer contained within this communication is subject to contract and formal approval by the legal entity giving the offer. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|