Citrix Web Interface

  • This topic is empty.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #842
    Avatartdahlen
    Member
    • Total Post: 6
    • Newbie

    Is it possible to connect to the citrix web interface through the access gateway with Wye’s thin OS using the pnagent on the client? I’ve read this was possible with citrix’s secure gateway, but I have not heard one way or the other about the access gateway. Thanks in advance.

    #11303
    Avatararthurc604
    Member
    • Total Post: 1
    • Newbie

    Well, this is uncanny – I just happen to be working with a client on this today! From the digging I’ve done so far, I can only see this maybe working if Logon Page Authentication is turned off. See page 159 of VPN_AdminGuide.pdf.

    Let us know if you can figure it out!

    #11305
    ConfGenConfGen
    Keymaster
    • Total Post: 11116
    • Jedi Master
    • ★★★★★★★

    Hi,,

    connecting to the webinterface is not a problem. Just use the URL and put it in the PNAgent/PNlite field. If the page is using SSL you have to import the certificate first, of course.
    To do that, use the wnos.ini parameter AddCertificate=mycert.crt and copy the certificate itself in a folder called cacerts under the wnos folder.

    If you want to connect to a CSG this will work also pretty well. CAG will only work if it is in CSG compatibility mode.

    HTH
    CG

    #11330
    Avatartdahlen
    Member
    • Total Post: 6
    • Newbie

    ConfGen, thanks for the response. I am going to be connecting to a page that uses SSL, so the certificate step makes sense. But, I am not sure about how to set the CAG in compatibility mode. Where can I check to see if this is the case? Thanks again.

    #11332
    Avatarthinkthin
    Member
    • Total Post: 1707
    • Jacked into The Matrix
    • ★★★★★★

    Hi,

    To do this securely you will have to disable authentication to the CAG and pass traffic directly to the web interface and PNagent site.

    This is how CSG used to work, now ONLY do this if the web interface server is in the DMZ and locked down. Also you lose some of the CAG functionality. Its fine if you have a CAG to dedicate to WTOS. Before you say it yes its not a great solution at the moment but it works.

    Have a look at the Deploying WTOS power point on this site for information on how to configure the webinterface.conf in your pnagent site,

    Cheers,
    -TT

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.