Citrix Receiver on Globalprotect

Reply
Highlighted
L4 Transporter

Citrix Receiver on Globalprotect

I seem to have Globalprotect working fine for access to any internal resource.

The one thing that does not seem to be working is the connection Citrix Receiver (PNAgent legacy version 13.3) makes to our internal Citrix Web Interface / Services site.

I'm getting the error "citrix receiver could not contact the server. please check your network connection"

I'm starting to think this is a Globalprotect issue, because:

  • On the internal LAN everything is fine.
  • Using an old style Windows VPN that terminates on one of our DC's, everything is fine.
    The only difference with GP is that GP clients terminate at the firewall, so traffic has an extra route to the Citrix servers.
  • I can actually download the Citrix config.xml file over GP VPN. That's the file the Citrix client uses to find what resources are available.
  • All related Citrix servers (portal, xenapp servers) are all reachable over GP. Name resolution is fine (both netbios and fqdn names).
  • Policy is in testing phase, so everything between the GP zone and trusted zone is allowed.

Anyone recognise this ? Anything else I can try ?

Tags (2)
Highlighted
L1 Bithead

Re: Citrix Receiver on Globalprotect

We had this problem also with some laptops. The issue was udp fragmentation. Some nic's didn't do udp fragmentation.

So they could see loginpage of frontstore of citrix and when logging in they could't coonnect to server backend.

We didn't have pathmtu on the connections and icmp was disabled. Solution was that citrixteam were goging to push smaller mtu on citrixreceiver via the config.xml file

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!