Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
430
Views
0
Helpful
1
Replies

citrix - firwall not allowing

Network Pro
Level 1
Level 1

‎07-06-2011 08:14 AM - edited ‎03-11-2019 01:55 PM

Hi,

we have a pix firewall (515e) and we are trying to access an application on citrix at the other end of the firewall.

on dooing a caputre on inside interface,  can see the packets hitting the firewall but again on capturing the outside interface, cant see any packets hitting the outside interface?

i have the config here for ref:

access-list inside_access_in permit icmp any any

access-list inside_access_in permit tcp any host 172.19.38.21 eq citrix-ica

ip address outside 172.19.38.10 255.255.255.0

ip address inside 172.22.8.10 255.255.255.0

global (outside) 1 172.19.38.3

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

access-group outside_access_in in interface outside

access-group inside_access_in in interface inside

route outside 172.19.38.21 255.255.255.255 172.19.38.1 1

I am trying to access 172.19.38.21  but cant get to it...i cant see the pix forwarind the packets at all

any thoughts pls

Thanks

Labels:
0 Helpful
1 Reply 1

Anu M Chacko
Cisco Employee
Cisco Employee

‎07-06-2011 11:16 AM

Hi,

Could you open TCP port 80 and UDP port 1604 on both the inside and outside interface access-lists?Also, on the inside interface, the access-list entry should be "access-list inside_access_in permit tcp host eq citrix-ica".

Let me know.

Regards,

Anu

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card