Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Citrix Receiver Proxy

Unanswered Question
Dec 4th, 2013
User Badges:


Im trying to configure the Citrix Mobile Receiver Proxy on a ASA but cant get it to work.

The ASA got several VPN configured, both client, clientless vpn and L2L.

It looks like ASA are terminating SSL every time the iPad connects.

What could be missing here? And any good advice on how to troubleshoot appreciated.

ASA 5585  -  OS 9.1(8)

Citrix Receiver  - 5.8.3

Citrix config:

group-policy DfltGrpPolicy attributes

dns-server value x.x.x.30 x.x.x.31

vpn-simultaneous-logins 10

vpn-tunnel-protocol ikev1 l2tp-ipsec

default-domain value xxx .org


  customization value DfltCustomization

  vdi type citrix url http://citrix.xxx.org domain xxx.org username CSCO_WEBVPN_USERNAME password CSCO_WEBVPN_PASSWORD

From Log Viewer:

Citrix VDI.png

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Mikael Gustafsson Thu, 12/05/2013 - 01:02
User Badges:

I did some captures today and all I got is the outside capture with a RST,ACK back to my test client.

On the inside interface, going to the Citrix server nothing. Did check for both ASA inside IP and the Citrix server IP in diffrent ways (any->ASA, Citrix->any, etc)

Looks like ASA is not listening for, or understands, incomming Citrix traffic?


Just saw this:  Key size >1024 is not supported as of now.

All certificates on the ASA are 2048, probably the problem?


pohjaton1 Fri, 01/09/2015 - 02:19
User Badges:


I have the exact same problem here and after doing some heavy WebVPN Citrix and aaa common debugging on the ASA, I can see that the authentication goes just fine through and ASA considers the connection to be accepted, but after that the connection is just dropped like said here earlier.


Have you found any solution to this one. 


This Discussion