Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1511
Views
0
Helpful
4
Replies

Citrix through ASA 5540 version 8.0

DJCanuck1_2
Level 1
Level 1

‎09-25-2007 06:50 PM - edited ‎02-21-2020 01:42 AM

I am currently running a Demo of the Cisco ASA 5540. My current problem is this:

I am trying to allow access to our Citrix web interface via clientless SSL VPN. I publish an internal link to our Citrix server(s) on the Portal page and the link connects to the Citrix Presentation interface. I login and am presented with various Citrix published apps. When I select one, I get the error:

RDP remote client error: Cannot connect to Citrix MetaFrame server. Protocol driver error". I have tested RDP and can connect to the Citrix server via RDP through the same SSL VPN session.

If I try to use the Citrix ASA plugin using the ICA protocol, I get the following error:

java.io.IOException: Connection failed

at Java.net.Socket.startRedirectSession(Socket.java:198)

at Java.net.Socket.startRedirectSession(Socket.java:170)

at Java.net.Socket.connect(Socket.java:272)

at java.net.Socket.connect(Unknown Source)

at java.net.Socket.<init>(Unknown Source)

at java.net.Socket.<init>(Unknown Source)

at Java.net.Socket.<init>(Socket.java:106)

at com.citrix.client.io.net.ip.z.a(Unknown Source)

at com.citrix.client.io.net.ip.z.a(Unknown Source)

at com.citrix.client.io.net.ip.z.a(Unknown Source)

at com.citrix.client.module.td.tcp.TCPTransportDriver.s(Unknown Source)

at com.citrix.client.module.td.TransportDriver.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

Do I have to set up a certificate to make this connection work? I have read various docs regarding Citrix through ASA and there seems to be a certificate configuration that I may be missing here.

Since 80% of our remote users will be directed to Citrix, I need to find a solution for this.

0 Helpful
4 Replies 4

smahbub
Level 6
Level 6

‎10-03-2007 06:18 AM

The Citrix bug you see in this case has been fixed in the latest ASA CCO Interim Release 7.1.2.12 or 7.2.1.4

0 Helpful

DJCanuck1_2
Level 1
Level 1
In response to smahbub

‎10-16-2007 07:55 AM

Sorry for the late response, but I am using ASA version 8.0 and ASDM 6.0. There seemed to be a certificate issue when connecting to Citrix through the web interface, but I have resolved that. I still cannot get the ica client to launch. I think it may be due to the restriction of "web interface only" connections to our Citrix servers.

0 Helpful

eegilbert
Level 1
Level 1
In response to DJCanuck1_2

‎01-10-2008 02:31 PM

Hi DJ,

Did you ever get this figured out? I'm also using version 8 for the IOS and I get the exact same error message.

Thanks!

E

0 Helpful

eegilbert
Level 1
Level 1
In response to eegilbert

‎01-10-2008 04:10 PM

So i figured it out and it's pretty simple:

The server I was trying to connect to isn't running the ICA protocol, just the HTTP protocol. I was trying to use an ICA bookmark on the ASA to connect.

Hope this helps someone else!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card