RE: [e-smith-devinfo] Citrix server behind e-smith

Wed, 25 Apr 2001 17:27:14 -0700 

OK, I spent my day at Chapters reading Linux books.  Yes, I need
a real life....

Anyhow I pieced together enough information to come up with this:

/etc/e-smith/templates-custom/etc/rc.d/init.d/masq/45AllowCITRIX

containing this content:

#---------------------------------
# CITRIX FIREWALL SETTINGS
#
# copyright (C) DMC NETSOURCED.COM
#---------------------------------

CITRIX=192.168.1.2

/sbin/ipchains -I input -p tcp --destination-port 1494 -j ACCEPT
/sbin/ipchains -I input -p udp --destination-port 1604 -j ACCEPT

/usr/sbin/ipmasqadm portfw -a -P tcp -L $OUTERNET 1494 -R $CITRIX 1494
/usr/sbin/ipmasqadm portfw -a -P udp -L $OUTERNET 1604 -R $CITRIX 1604

#---------------------------------

followed with these commands:

/etc/e-smith/events/actions/conf-masq
/etc/e-smith/events/actions/restart-masq

Now I don't have a Citrix server to test this at home but would
anyone take a moment to confirm if I am on the right track or
not.

Thanks,

Darrell

> -----Original Message-----
> From: Darrell May [mailto:[EMAIL PROTECTED]]
> Sent: Friday, March 30, 2001 3:24 PM
> To: e-smith-devinfo (E-mail)
> Subject: [e-smith-devinfo] Citrix server behind e-smith
> 
> 
> I have a client needing to access a Citrix server behind an
> e-smith server and gateway firewall.  Citrix provides the
> following document:
> 
> Document ID -- CTX953919
> Last modified on: Thu Aug 03 12:12:05 2000 
> 
> The recommended set up for this Web Computing Solution is to
> have your Web server outside the firewall and have your
> Citrix servers inside the firewall. 
> 
> Checklist Firewall
> 
> 1. A valid external IP address has been mapped to the
>    Citrix server inside the firewall.
> 
> 2. Port 1494 for TCP/IP is opened.
> 
> 3. Port 1604 for UDP is open Inbound on the firewall.
> 
> 4. Port 1023 and above are opened for TCP and UDP outbound.
> <end>
> 
> To assist replies, let us state the following:
> 
> external ip = xxx.xxx.xxx.xxx
> internal ip = yyy.yyy.yyy.yyy
> 
> How may I best implement the above at the e-smith server?
> Does anyone have any experience with Citrix and e-smith
> working in this fashion?
> 
> Regards,
> 
> Darrell May
> DMC NETSOURCED.COM
> 9912 Lougheed Highway, Burnaby, BC, Canada V3J 1N3
> Phone: (604) 420-1362 * Fax: (604) 552-8833
> E-mail: [EMAIL PROTECTED]
> Website: http://netsourced.com
> 
> --
> This list is archived
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>

Reply via email to