Simpler Navigation coming for Servers and Operating Systems
Coming soon: a much simpler Servers and Operating Systems section of the Community. We will combine many of the older boards, and you won't have to click through so many levels to get at the information you need. If you are looking for an older board and do not find it, check the consolidated boards, as the posts are still there.
cancel
Showing results for 
Search instead for 
Did you mean: 

Citrix Secure Gateway on linux

SOLVED
Go to solution
'chris'
Super Advisor

Citrix Secure Gateway on linux

hi

Is it possible to setup something like Citrix Secure Gateway on linux ?

I mean to comunicate with the Internet Client
via browser and use ports 80 and 443 only.

CSG will running on linux and the rest
CITRIX METAFRAME SERVER etc. on WIN2000

do I need reverse proxy for citrix port 1494 ?

kind regards
chris



2 REPLIES
Steven E. Protter
Exalted Contributor
Solution

Re: Citrix Secure Gateway on linux

If your desire is to push/pull traffic using Linux as a firewall to and from a Citrix server inside your network the answer is yes.

You can modify the iptables firewall to forward ports 80 and 443. As far as what ports Citrix is using, you're going to have to refer to their documentation.

Example with vpn

# accept the proper port
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT

*nat
:PREROUTING ACCEPT [7:400]
:POSTROUTING ACCEPT [3:3116]
:OUTPUT ACCEPT [4:3185]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 4500 -j DNAT --to-destination 192.168.0.48:47
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1723 -j DNAT --to-destination 192.168.0.48:47
-A PREROUTING -i eth0 -p tcp -m tcp --dport 1701 -j DNAT --to-destination 192.168.0.48:47
-A PREROUTING -i eth0 -p tcp -m tcp --dport 500 -j DNAT --to-destination 192.168.0.48:47
-A PREROUTING -i eth0 -p tcp -m tcp --dport 47 -j DNAT --to-destination 192.168.0.48:47
-A PREROUTING -i eth0 -p 47 -j DNAT --to-destination 192.168.0.48

COMMIT


This example sets up port forwarding from the firewall for all VPN ports to an internal server 192.168.0.48

eth0 is the internal network, eth1 faces the public Internet.

If your question is duplicating the functionality of Citrix metaframe with Linux and getting rid of the Citrix server, the answer is probably but I'm kinda wondering what the point is.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
'chris'
Super Advisor

Re: Citrix Secure Gateway on linux

thanks SEP

I mean linux Version of CSG,
but I think is not ready at the moment:

http://news.zdnet.com/2100-1009_22-1001759.html

greetings
chris