Created on 04-04-2006 12:00 AM
Description | Citrix Secure Gateway Secure Ticket Authority stops working after Antivirus scanning is enabled on the FortiGate unit. |
Components |
|
Steps or Commands | Citrix Secure Gateway provides secure access to resources and applications hosted on a server farm. The Secure Gateway transparently encrypts ICA connections to protect against data tampering and theft. The Secure Ticket Authority (STA) is an XML Web service that exchanges MetaFrame server information for randomly generated tickets. It is used to control access for a Citrix Secure Gateway server. This is a special application running between Citrix STA, XML services and Secure Gateway. It was developed by Citrix for access control/authentication and application emulation for MetaFrame. The processes involved in are STA and XML services that use TCP port 80 by default. The authentication between Secure Gateway and STA/XML service does not operate properly when the FortiGate unit has antivirus enabled in the protection profile for inbound traffic from a Secure Gateway (such as the DMZ port) to one or more Citrix servers with a web interface (such as on the Internal port). SolutionThe main purpose of the workaround is to let Citrix servers and Security Gateway to communicate on a port other than the default port 80 and to avoid reconfiguring, a potentially large number of end clients. Ideally, you want to keep the Citrix server to continue listening on port 80, which can still serve other end users not connected through Security Gateway.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.