b_gilmore
Well Known Member
Re: [Citrix connection for JDE via Internet]
To connect from a unsecured network (i.e. the internet) to a secured one (i.e.
your Business Lan) you really should have a legitimate VPN solution in place
to protect your corporate assets.
When you establish a VPN session you're creating an extension of your
corporate LAN to a remote node on an unsecured network, but the traffic is
encrypted as it travels over the that unsecured portion and unencrypted when
in reaches the remote host (e.g. your laptop).
But if you open up your Citrix box to the world, one thing is certain. You
must be able to reach TCP Port 1494 on your Citrix Server to establish a
Citrix session. If you have a firewall using NAT, you will have to configure
port forwarding on you firewall, so that any TCP 1494 requests directed to
your firewall's IP address are redirected inbound to port 1494 on your Citrix
server.
With VPN this isn't necessary because an VPN client would have an internal IP
address for the VPN session.
To test, you can use a simple port scanner like BluesPortscan (download.com)
to send a SYN request from your internet-connected laptop to your internet
accessible corporate IP address (probably your firewall) aimed at port 1494.
If the packet reaches a service that is responding to request to that port
(i.e. your Citrix Server) you will get a successful response from the port
scanner. If you get past this hurdle, it's usually gravy after that.
Good luck.
Gopal_Kistasami <[email protected]> wrote:
the author and not those of Smiths Manufacturing (Pty) Ltd or its management.
solely for the addressee.
intended recipient, any disclosure, copying, distribution or any action taken
or omitted in reliance on this, is prohibited and unlawful.
Manufacturing (Pty) Limited forthwith at [email protected] and destroy
any copies of it immediately.
of information and data transmitted electronically and to preserve the
confidentiality thereof, no liability or responsibility whatsoever is accepted
if information or data is, for whatever reason, corrupted or does not reach
its intended destination.
whether it be direct, indirect or consequential, arising from information made
available and actions resulting there from.
To connect from a unsecured network (i.e. the internet) to a secured one (i.e.
your Business Lan) you really should have a legitimate VPN solution in place
to protect your corporate assets.
When you establish a VPN session you're creating an extension of your
corporate LAN to a remote node on an unsecured network, but the traffic is
encrypted as it travels over the that unsecured portion and unencrypted when
in reaches the remote host (e.g. your laptop).
But if you open up your Citrix box to the world, one thing is certain. You
must be able to reach TCP Port 1494 on your Citrix Server to establish a
Citrix session. If you have a firewall using NAT, you will have to configure
port forwarding on you firewall, so that any TCP 1494 requests directed to
your firewall's IP address are redirected inbound to port 1494 on your Citrix
server.
With VPN this isn't necessary because an VPN client would have an internal IP
address for the VPN session.
To test, you can use a simple port scanner like BluesPortscan (download.com)
to send a SYN request from your internet-connected laptop to your internet
accessible corporate IP address (probably your firewall) aimed at port 1494.
If the packet reaches a service that is responding to request to that port
(i.e. your Citrix Server) you will get a successful response from the port
scanner. If you get past this hurdle, it's usually gravy after that.
Good luck.
Gopal_Kistasami <[email protected]> wrote:
the author and not those of Smiths Manufacturing (Pty) Ltd or its management.
solely for the addressee.
intended recipient, any disclosure, copying, distribution or any action taken
or omitted in reliance on this, is prohibited and unlawful.
Manufacturing (Pty) Limited forthwith at [email protected] and destroy
any copies of it immediately.
of information and data transmitted electronically and to preserve the
confidentiality thereof, no liability or responsibility whatsoever is accepted
if information or data is, for whatever reason, corrupted or does not reach
its intended destination.
whether it be direct, indirect or consequential, arising from information made
available and actions resulting there from.
