Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Strange problem with Citrix

To: [email protected]
Subject: Re: [FW-1] Strange problem with Citrix
From: Macroscape Solutions <[email protected]>
Date: Sat, 3 Nov 2001 08:59:54 -0500
References: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Does anyone know if one can use multiple altaddr in Citrix. I have a NAT
that is being done at the firewall and if the circuit fails at the upstream
router then another NAT is performed at that router going to a different
provider. So my client's Citrix server is setup with 1 /altaddr so when the
failover happens on the upstream router Citrix stops working. Any ideas?

Euge

Thanks, Eugen B
----- Original Message -----
From: "Ramakrishnan" <[email protected]>
To: <[email protected]>
Sent: Saturday, November 03, 2001 3:43 AM
Subject: [FW-1] Strange problem with Citrix


> Hi,
>
> Yes, Both the rules are there. The Source port range
> is 1024 -65534
>
> The citrix is going through a 3DES tunnel(cisco) and
> lands on the firewall.
>
> The firewall allows first six sessions and blocks any
> more sessions.
>
> The customer has openend a TAC case with Cisco ,
> Citrix and CP.
>
> Regards
> Rama
>
>
>
> What rules do you have for Citrix? Do you have
> services for both TCP 1494
> and UDP 1604 with source port ranges from 1024-9999?
> This what I have setup
> and I've never had a problem from CP 4.0 thru 4.1 SP4.
>
> Also are you also using the /altaddr on the Citrix
> server when trying this?
>
> Rich
>
> -----Original Message-----
> From: Ramakrishnan [mailto:[email protected]]
> Sent: Thursday, November 01, 2001 12:11 AM
> To: [email protected]
> Subject: [FW-1] A strange problem with citrix
> connection through CP -1
> SP2
>
>
> Hi all,
>
> One of our customers have a strange problem in
> allowing citrix client through his firewall. The web
> client of citrix works  fine through the firewall. But
> if the native citirx client is used , the firewall
> responds requests to 5 to 6 sessions and do not allow
> sessions there after. Even if the sessions are
> disconnected and retried , the sessions do not get
> established.
>
> If we restart the firewall , then it allows 6 more
> sessions.
>
> We have changed the source port range, removed NATting
> . Still the problem continues.
>
> We understand that the FW stops dropping packets.
>
> Has anybody faced similar problems. Please suggest a
> solution.
>
> THe option of upgrading the SP is ruled out.
>
> A ticket has been opened in citrix and CP for the
> same.
>
> Any ideas
>
> Rama
>
>
> __________________________________________________
> Do You Yahoo!?
> Find a job, post your resume.
> http://careers.yahoo.com
>
> ===============================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ===============================================
>

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- [FW-1] Strange problem with Citrix
  - From: Ramakrishnan <[email protected]>

Prev by Date: [FW-1] test - ignore
Next by Date: [FW-1] Do ppl log Deny Any Any?
Previous by thread: [FW-1] Strange problem with Citrix
Next by thread: [FW-1] test - ignore
Index(es):
- Date
- Thread