[WFClient] ICASOCKSProtocolVersion=4 ICASOCKSProxyHost=127.0.0.1 ICASOCKSProxyPortNumber=49152 ProxyHost=127.0.0.1:49152 ProxyType=SOCKSv4 ProxyFavorIEConnectionSetting=offBut when I check with Wireshark on the local machine, I see that the traffic to the Citrix Servers go out direct to the default Gateway and not via internal SSL tunnel. COMMENT: internal Server is with 1.x.x.x address. I know, is not private but at the moment we can change the range! Has someone done a similar setup and works there? Examples? Is it the 1.x address the Problem (Not Private)? But why then work the Citrix login Website… Thanks
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
::: 680.098542 port16 out 172.31.225.1.1107 -> 10.8.15.235.1494: fin 3037961068 ack 119436554 ::: 701.031409 port16 out 172.31.225.1.1105 -> 10.8.15.235.2598: ack 1525205239But then noting more. Only sync, syncAck, ack 2) On the Client site I see parallel traffic that go also direct from the Host IP 222.222.222.222 to the Citrix Server IP. Not via tunnel.
Internet Protocol, Src: 222.222.222.222 (222.222.222.222), Dst: 10.8.15.235 (10.8.15.235) Transmission Control Protocol, Src Port: itb301 (2992), Dst Port: citriximaclient (2598), Seq: 0, Len: 0This traffic gos not via tunnel to the Fortigate. hmm ... not nice ...
config vpn ssl web portal edit " PortalName" set allow-access citrix rdp web endAnd the on Bookmark Level is OK only Citrix and Web. Bug?
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.