ASA Smart Tunnels and Citrix

Unanswered Question
Mar 3rd, 2008
User Badges:

I'm trying get the Smart Tunnels set up on our ASA, but there seems to be a serious lack of documentation. I did find a little bit in the 8.0 configuration guide, but that's about it. Basically, I've created the application list of the names. First we went with the path as described in the documenation; pn.exe and that's it but then i also tried the full path as well:

smart-tunnel list "CitrixW32-ProgramNeighborhood" "wfica32" "c:\Program Files\Citrix\ICA Client\wfica32.exe"

smart-tunnel list "CitrixW32-ProgramNeighborhood" "wfcrun32" "c:\Program Files\Citrix\ICA Client\wfcrun32.exe"

smart-tunnel list "CitrixW32-ProgramNeighborhood" "Citrix_PN" "c:\Program Files\Citrix\ICA Client\pn.exe"

smart-tunnel list "CitrixW32-ProgramNeighborhood" "wfica" "c:\Program Files\Citrix\ICA Client\wfica.exe"

smart-tunnel list "CitrixW32-ProgramNeighborhood" "wfcrun" "c:\Program Files\Citrix\ICA Client\wfcrun.exe"

I then attempted to apply the list to our group policy, which apparently doesn't work well in ASDM considering you apply it and then it doesn't show up in ASDM as applied, but here it is in CLI:


url-list value WebVPN-Basic

filter none

port-forward disable

http-proxy disable

sso-server none

customization value FHS

http-comp none

hidden-shares none

smart-tunnel auto-start CitrixW32-ProgramNeighborhood

Now I'm guessing that's all that is needed?!!?! I setup Program Neighborhood agent to point towards the citrix server as usual, logged into webvpn and launched a basic Citrix Session that should goto a desktop as no application is specifed but I recieve an I/O error on the Program Neighborhood side as if something is being blocked. Any ideas?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
raun.williams Mon, 03/10/2008 - 08:12
User Badges:

Thank you, but as mentioned I did find what little information there was in the configuration guide.

arni.v.skarphed... Fri, 09/26/2008 - 02:26
User Badges:

Just an update that I got this working

used the same info as in the orginal post for the Smart Tunnels, but did not use the full path of the programs, just the name xyz.exe


This Discussion