T50 & Citrix PNAgent

  • This topic is empty.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #8026
    Avatarcliffhunt
    Member
    • Total Post: 6
    • Newbie

    Greetings all.

    I have searched through the messages, and tried everything I found, but can still not get a T50 to work with PNAgent in Citrix.

    On the XenApp server side, I’m getting the following in the error log: “SSL handshake from client failed” I am running FW1.027 on the T50. I have tried with .ini and with local setup to no avail. an ICA client will work, as will running it through the Citrix WI in Chrome browser. I have tried full path (https://citrix.domain.com/Citrix/PNAgent/PNAgent.xml and without the PNAgent.xml). I have tried citrix.domain.com Force HTTPS, no Force HTTPS. And just about every combination of options that I can find in the ini reference, and I still get the “SSL handshake from client failed” on the server side. The client side is merely “authentication failure”.

    I have also tried DHCP Option 181 with the FQDN and IP address – same result.

    I have enabled pass through authentication on the PNAgent as well as the Web Interface side.

    I have also tried importing the cert (.pfx) and that didnt help either.

    Does anyone have any suggestions? I feel like Im missing something very simple, somewhere, and hope a fresh set of eyes will help.

    Below is the server side details.
    Xen App Servers:
    Citrix XenApp for Windows, Advanced Edition 6.5.0 Build 6682 (No Service Packs), Hotfix XA650W2K8R2X664R01 (All Servers)
    Windows 2008 R2 Remote Desktop Servers with SP1

    XenApp Web SiteXenApp Services Site:
    Windows 2008 R2 SP1
    Citrix Web Interface Gateway: 5.4.0.59
    Citrix Secure Gateway: 3.3.1
    IIS 7

    Regards,
    Cliff

    #24324
    ConfGenConfGen
    Keymaster
    • Total Post: 9812
    • Jedi Master
    • ★★★★★★★

    First you should update to latest T50 build 1.028.

    CG

    #24332
    Avatarcliffhunt
    Member
    • Total Post: 6
    • Newbie

    I should have stated that earlier I tried to push 1.028 to this device, and while it acted like it was going to upgrade, it didnt – and no errors in WDM either, so I gave up, because the release notes didnt appear to be relevant.
    Anyway, today, I used the USB tool and pushed 1.028. I re-tried and same result: authentication failure.

    #24333
    Avatarcliffhunt
    Member
    • Total Post: 6
    • Newbie

    Also, I determined the “SSL Client Handshake” error that I saw in the Citrix error logs is unrelated. When I watched the timestamps, they did not match attempts at authentication from the T50.

    #24337
    ConfGenConfGen
    Keymaster
    • Total Post: 9812
    • Jedi Master
    • ★★★★★★★

    But you are trying to connect directly to the PNAgent site and not via CSG, aren’t you?

    CG

    #24348
    Avatarcliffhunt
    Member
    • Total Post: 6
    • Newbie

    1. We’d like to connect through CSG, but that doesn’t appear to work. Using CSG we get an authentication failure message each time.
    2. It doesn’t appear to work if we are connecting with the Certificate loaded to the Website instead of CSG either. We can authenticate and see the list of apps, but they won’t launch.

    #24388
    Avatarcliffhunt
    Member
    • Total Post: 6
    • Newbie

    Does anyone have any ideas? I have it working over HTTP on the LAN, but still cannot use HTTPS. This becomes a problem if they ever need to be used off-site – which is a real possibility as they are located in a hurricane-prone area.

    I appreciate any suggestions.

    #24389
    Avatarcliffhunt
    Member
    • Total Post: 6
    • Newbie

    HTTPS with PNAgent is a known issue on the T50. I will re-post when they have a solution.

Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.