Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9046
Views
0
Helpful
6
Replies

Cisco Anyconnect and citrix

mlondon
Level 1
Level 1

‎01-31-2011 01:18 AM - edited ‎02-21-2020 05:07 PM

Hi,

Does anyone know if anyconnect is working in a citrix environment?

regards

Monty

Labels:
0 Helpful
6 Replies 6

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎01-31-2011 02:34 PM

Monty,

Do you mean running citrix apps over anyconnect (yes no problem with that) or running anyconnect from within citrix (never attempted, but would image problem with spawning virtual adapters? ;-)

Marcin

0 Helpful

mlondon
Level 1
Level 1
In response to Marcin Latosiewicz

‎02-01-2011 01:00 AM

Hi Marcin

Thanks for replying

We want set up remote SSL-VPN connections to Citrix servers.

We're doing some new things for a client, and one of them is to try and replace the Citrix gateway(CAG) with the Cisco ASA and the anyconnect client,

but the CCO examples are only mentioning the clientless option as opposed to the anyconnect client.

Is there a document describing the Citrix server/ASA connection, and using the anyconnect client?

regards

Monty

0 Helpful

Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to mlondon

‎02-01-2011 01:09 AM

{{EDITED - I'm missing some info}}

Monty,

Anyconnect cannot terminate SSL session directly on citrix serves if that's what you wanted to achieve.

SSLVPN is currently a standard-less solution (from all vendors), everyone is doing their own way and vendor interoperability is basically unexistant.

While the pure SSL part (as defined by standard) should work I don't believe CAG will be able to answer anyconnect one they start talking inside SSL (think profile updates, CSD, downloading of latest version).

What you can have is terminate Anyconnect on ASA and have citrix client run on the PC with anyconnect.

Marcin

0 Helpful

mlondon
Level 1
Level 1
In response to Marcin Latosiewicz

‎02-01-2011 01:25 AM

Hi Marcin

Sorry if  was'nt clear enough, We do'nt want the CAG at all, below are the components and connections we

would like to end up with:-

CITRIX SERVER<--------->CISCO ASA 5520<--------------------------------------------->WINDOWS XP w/anyconnect client

CITRIX SERVER<---------------------------------------------SSL--------------------------------->WINDOWS XP w/anyconnect client(via the ASA)

regards

Monty

0 Helpful

Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to mlondon

‎02-01-2011 01:31 AM

Monty,

Yup, I figured I was mis-interpreting something ;-)

In the scenario your descirbing, yes it will work, in fact it will work natively since from application point of view you will be talking directly to citrix serves.

It does not require any special prepration/configuration since (for the most part) anyconnect is agnostic to traffic which is passing through it.

Normally ctrix provides http interface to it's server and then sends ICA (cookie most of the time) which prompts the client to launch citrix client (java based) and connect on tcp 1494 (AFAIR)

Marcin

0 Helpful

mlondon
Level 1
Level 1
In response to Marcin Latosiewicz

‎02-01-2011 01:37 AM

Hi Marcin

Sounds great, I'll go ahead and give a try.

Thanks again for your quick responses.

regards

Monty

0 Helpful
Customers Also Viewed These Support Documents