Using ASA with WYSE thin-client (which launches a Citrix Published Desktop)
I apologize if this has already been discussed here, if there is another thread that addresses this, please let me know.
We are in a situation where we have 700+ users who use a Citrix Published Desktop (spread across approximately 70 Citrix servers) exclusively (they do not have regular desktops to use). Our network team is expecting these users to use the Cisco Anyconnect client via a https://x.x.x.x URL to an ASA device.
The issue here is that since the users are using a Citrix Published desktop (NOT A VDI) they are all essentially sharing the same physical server (and therefore the same IP address) Assume 20 users logged into one Citrix server using a Citrix Published Desktop (with roaming profiles of course) - each trying to establish or maintain their own individually authenticated session at the same time.
I see references to Anyconnect working within RDP, and see references to connecting to Citrix Published apps after establishing an SSL VPN session, but am not clear on whether this would support multiple end-users each using a Citrix Published Desktop on the same Physical Citrix server.
Or, if we are able to make it work, once the first user authenticates, does that mean that the other 19 users that are logged into the same box at the same time will also have access to the remote network since the first user already authenticated and opened a connection? This would not work since "individual user authentication" is the goal here.
Thanks in advance for any thoughts or comments regarding this issue.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...