[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Problem with ICA protocol
Geraldo I was attempting the same thing and had those problems. I solved the problem and didn't leave as many holes open on my firewall (port 1494-tcp and 1604-udp). If you use the VPN option to fw-1, you can configure the name of the server and IP address on the firewall to have the client to pull down to the userc.c file. Then use the Citrix client and configure it as a LAN connection and put the internal ip address for the server name (make sure it is the server of the Master Browser for the farm). When you connect, the VPN client will have you log onto the firewall and which will allow Citrix Client to scan for a farm. You will then find the farm and connect to your Citrix boxes via the Check Point VPN client. You now have double security, which most users don't like b/c it is inconvenient until that sensitive data is missing and they are preying that you will fix it. Garett -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Pulver, Richard Sent: Tuesday, April 03, 2001 3:05 PM To: '[email protected]'; [email protected] Subject: RE: [FW1] Problem with ICA protocol Have you set the ICA client to use the alternate firewall connection? Also are you using the altaddr function on the Citrix server to give it a public IP or you forwarding the ports from the firewall to the internal IP address of the Citrix box? -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Tuesday, April 03, 2001 3:38 PM To: [email protected] Subject: [FW1] Problem with ICA protocol Hi all, I am using FW-1 sp2, and I am not able to estabilish connections from the Internet to my MetaFrame server. I´ve created the following rule: any MetaFrameServer any allow I am allowing connections to any port only because this is a testing environment. The ICA client documentation says that ports 1494-tcp and 1604-udp are the only ones needed. In the FW-1 log i see the connection being accepted by the firewall, but the ICA client shows an error similar to a timeout after a while. Any ideas are welcome. Thanks in advance Geraldo Fonseca Icatu-Hartford Seguros S.A. [email protected] ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|