Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. How to publish a Citrix Metaframe version 1.8 server by using Internet Security and Acceleration Server 2006, ISA Server 2004, or Forefront Threat Management Gateway Medium Business Edition or Windows Essential Business Server 2008

How to publish a Citrix Metaframe version 1.8 server by using Internet Security and Acceleration Server 2006, ISA Server 2004, or Forefront Threat Management Gateway Medium Business Edition or Windows Essential Business Server 2008

View products that this article applies to.

Introduction

This article describes how to publish a Citrix Metaframe version 1.8 server by using Internet Security and Acceleration (ISA) Server 2006, ISA Server 2004, Forefront Threat Management Gateway Medium Business Edition, or Windows Essential Business Server 2008. You can use this process so that external Citrix Independent Computing Architecture (ICA) clients can run ICA sessions on the Citrix Metaframe server.

↑ Back to the top

More information

To publish a Citrix Metaframe server by using ISA Server, you must configure the following:
  • Protocol definition
  • Server publishing rule

Create a new protocol definition

  1. Click Start, point to Programs, point to Microsoft ISA Server, and then click ISA Server Management.
  2. In the ISA Server Management console, expand ISAServer. ISAServer is the name of your ISA Server computer. Or, expand TMGServer. TMGServer is the name of your Forefront Threat Management Gateway Medium Business Edition or Windows Essential Business Server 2008.
  3. Click Firewall Policy.
  4. On the Toolbox tab, click Protocols.
  5. Under Protocols, click New, and then click Protocol.
  6. In the New Protocol Definition Wizard, type a descriptive name, and then click Next. For example, you might type Citrix ICA TCP, and then click Next.
  7. On the Primary Connection Information page, click New.
  8. In the New/Edit Protocol connection dialog box, click TCP in the Protocol type list, change the Direction setting to Inbound, type 1494 in the From and To boxes in the Port range section, click OK, and then click Next.
  9. On the Secondary Connections page, click No under Do you want to use secondary connections, click Next, and then click Finish.
  10. Click Apply to save the changes to the firewall policy, and then click OK.

Create a publishing rule for the Citrix Metaframe server

  1. Click Firewall Policy.
  2. On the Tasks tab, click Create New Server Publishing Rule.

    Note In ISA Server 2006, Forefront Threat Management Gateway Medium Business Edition, or Windows Essential Business Server 2008 click Publish Non-Web Server Protocols.
  3. In the New Server Publishing Rule Wizard, type a descriptive name for the rule. For example, type Citrix Server, and then click Next.
  4. On the Select Server page, type the IP address of the Citrix Metaframe server, and then click Next.
  5. On the Select Protocol page, click Citrix ICA TCP in the Selected Protocol list, and then click Next.
  6. On the IP Addresses page, click the External option under Listen for requests from these networks, click Next, and then click Finish.
  7. Click Apply to save the changes to the firewall policy, and then click OK.

Configure the Citrix Metaframe server

The Citrix Metaframe server must also be a SecureNAT client. That means that you do not install the firewall client on the Citrix Metaframe server. Instead, configure the default gateway to point to the internal interface of the ISA Server 2004 server, Forefront Threat Management Gateway Medium Business Edition, or Windows Essential Business Server 2008 and configure a DNS address on the Citrix Metaframe server that can resolve Internet names.

Also, on the Citrix Metaframe server you must set an alternative address for the ICA sessions. First you must determine the correct ISA Server external address, and then type altaddr /set w.x.y.z in a command window on the Citrix Metaframe server. In the previous command, w.x.y.z is the external IP address of your ISA Server computer. You must restart the Citrix Metaframe server after you run this command. If you only have one IP address that is bound to the external interface of the ISA Server computer, use that address. If you have multiple IP addresses that are bound to the external interface of the ISA Server computer type the IP Address that you specified earlier in the server publishing rule.

When clients on the Internet want to connect to your Citrix server by using an ICA client, they must connect to the external IP address on the ISA Server computer that is used in the server publishing rule. This is also the same IP address that you specified when you ran the altaddr command.

↑ Back to the top

For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
300177 How to publish a Citrix server behind ISA Server

↑ Back to the top

Keywords: KB837739, kbhowto, kbisa2006swept

↑ Back to the top

Article Info
Article ID : 837739
Revision : 5
Created on : 12/24/2008
Published on : 12/24/2008
Exists online : False
Views : 533