Citrix fails when going through a GRE tunnel

limtohsoon · ‎04-11-2006

Hi Sir,

A group of Citrix Clients connect to a Citrix Metaframe Server. The port numbers involved are Citrix Metaframe (TCP/UDP 1494) and MS Terminal Server (TCP/UDP 1604).

The network is configured such that the communication between the Citrix clients and server goes through a GRE tunnel. Traceroutes from client to server, and vice versa, confirm that it passes thru the GRE tunnel. There's no ACL, firewalls or NAT devices along the IP path, in both directions.

The issue is, all Citrix clients can ping to the server but some fail to log on to the server; some have no problem. Also, other applications, e.g. PCAnywhere, can go through. If the GRE tunnel is taken away, all Citrix clients can log on to the Citrix server.

What could be the problem? It seems like the GRE tunnel might cause the problem. Do I need to adjust the TCP MSS or IP MTU on the tunnel interfaces?

Please help.

Thank you.

B.Rgds,

Lim TS

sundar.palaniappan · ‎04-11-2006

Appears to be an MTU issue.

Configure 'ip tcp adjust-mss 1400' on anyone interface in the path traffic traverses through.

Pls. rate all helpful posts.

HTH,

Sundar

Bryan Wells · ‎01-11-2013

Hi - I applied the fix above to the tunnel interfaces on both sides including the remote Vlan interface. It fixed the above issue.

Jeff Van Houten · ‎01-13-2013

If you are going to adjust the mss you also need to adjust the mtu for non-tcp packets on the tunnel. Put "ip mtu 1440" on the tunnel interface as well.

Sent from Cisco Technical Support iPad App