I have more experience than I really want :-).
1. Currently, there is no ALG or proxy code for ICA. I have used socks
as a proxy just fine.
2. Citrix uses:
TCP 1494 for the actual data connection (which is all you need open if
you DON'T use published apps or the Farm).
UDP 1604 is used in pre-SP2 implementations to allow clients to query
the Citrix farm for a list of published apps via ICA BRowser service.
With SP2/FR1, you can use HTTP for your ICA Browsing needs, using any
TCP port you want.
(The client uses ports >1024 on its end, btw.)
There is a new product (Extranet 2.0) which allows you to set up a
specific ICA proxy; check out the citrix web site for mor info.
If you email me with more specific info on your architecture and
security needs, I can give you more pointers.
Hope that helps,
Henry
-----Original Message-----
From: Jim Kearney [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 18, 2001 1:41 PM
To: '[EMAIL PROTECTED]' '
Subject: Citrix Published apps through a firewall
Does anyone have any experience with Citrix Metaframe and Firewalls.
I have been told that the Citrix protocol (ICA) is not fully supported
by an firewalls other than one they are developing, in particular
publishing apps. I find that a little hard to believe. Does anyone
else have any experience with this.
Jim
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
