12-04-2013 07:55 AM
Hi
Im trying to configure the Citrix Mobile Receiver Proxy on a ASA but cant get it to work.
The ASA got several VPN configured, both client, clientless vpn and L2L.
It looks like ASA are terminating SSL every time the iPad connects.
What could be missing here? And any good advice on how to troubleshoot appreciated.
ASA 5585 - OS 9.1(8)
Citrix Receiver - 5.8.3
Citrix config:
group-policy DfltGrpPolicy attributes
dns-server value x.x.x.30 x.x.x.31
vpn-simultaneous-logins 10
vpn-tunnel-protocol ikev1 l2tp-ipsec
default-domain value xxx .org
webvpn
customization value DfltCustomization
vdi type citrix url http://citrix.xxx.org domain xxx.org username CSCO_WEBVPN_USERNAME password CSCO_WEBVPN_PASSWORD
From Log Viewer:
12-05-2013 01:02 AM
I did some captures today and all I got is the outside capture with a RST,ACK back to my test client.
On the inside interface, going to the Citrix server nothing. Did check for both ASA inside IP and the Citrix server IP in diffrent ways (any->ASA, Citrix->any, etc)
Looks like ASA is not listening for, or understands, incomming Citrix traffic?
Edit:
Just saw this: Key size >1024 is not supported as of now.
All certificates on the ASA are 2048, probably the problem?
Cheers
01-09-2015 02:19 AM
Hi,
I have the exact same problem here and after doing some heavy WebVPN Citrix and aaa common debugging on the ASA, I can see that the authentication goes just fine through and ASA considers the connection to be accepted, but after that the connection is just dropped like said here earlier.
Have you found any solution to this one.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide