ASA 5505 configured for WebVPN connecting to Citrix Web Interface.

Teymur,

When using citrix the ASA should re-write the .ica file that is downloaded.  It basically changes some of the content to say connect to the citrix server through me.

You mention that you click on the outlook icon but it can not open.  Please can you give some detailed description of exactly what happens when you click on the link.  There are various errors that could be displayed and each reference a different root cause.

-Jay

Hi. Thank you to reply me. at asa smart tunnel is disable and ssl/tls are enable at citrix server.

when i want to open 1c program or excel program this error is give me.

thank you.

Teymur,

You will want to make sure that ssl/tls on the citrix sever is disabled.  The ASA is the one that will be providing the encryption.

In addition can you tell me what version of code the ASA is running.  There have been a couple of bugs with 8.0 and 8.2 that can see this issue.

-Jay

Hi. ok. before i wrote you i read at cisco forum some guys say that to enable smart tunel at asa and enable ssl/tls at citrix server. when i do that this error is occur which i sent you my last comment.

ok i disable ssl/tls but i think so the problem is not solve.(because the first time ssl/tls is disable and smart tunnel also disable and no application is open).

version 8.4 is running at asa 5505.

if if you need more configuration i provide you more asa configuration. you say me how i solve this issue.

Teymur,

Can you confim that after disabling the ssl/tls on the Citrix server (secure connectivity) that you are getting exactly the same error.  It is possible that it is generating a different error.

The bug where we have see the existing error was CSCtf06303 but that has been fixed in 8.4.1.  Can you confirm the exact version of code you are running on the ASA.

If you have confirmed the above two notes it may be adventageous to open a TAC case as we may need to do some live additional troubleshooting.

Thanks

-Jay

when ssl/tls disable on ctirix server there is no error occur but i can not open any appliaction. i click for example 1c icon

it is not open and no error occur.

when i enable ssl/tls on citrix server the error occur(which i attached you).sorry i can not say you exact code because i am now at home and asa at office but when i go office i will write you but i do not think it is bug.

i think we do some little config at asa but what we change  do i do not know.

Teymur,

For the ASA to act as a secure gateway for citrix there is no configuration necessary.

All that is needed is a bookmark pointing to the citrix web page (do not smart tunnel the link).

The ASA will recognize the .ica file as it downloaded and will automatically re-write it and pre-allocate a session for the client program to connect to.

-Jay

yes you are rigth. i send you my bookmark configuration(i do print screen it at asdm) but i do not think i have problem problem at bookmark.

i know that but why application is not open

Teymur,

It might be appropriate to open a TAC case at this point since the cursory troubleshooting done so far has yielded no results.  Further action may include getting a HTTPWatch capture of the session and deeper analysis of the traffic flow.

Thanks

-Jay