
Citrix VPN clients cannot connect to internal resources


Sunil Chacko


Hello,

 

I am testing Citrix VPN on my NetScaler, but once connected, the client cannot access any internal resources, such as pinging an internal IP. I have a NetScaler sitting purely in the DMZ, and it gives out an intranet IP. The client gets an internal IP but cannot ping anything internal. What kind of firewall configuration do I need for this setup?

 

Pretty much, the NetScaler is in the DMZ with a DMZ SNIP, giving out an internal IP.

 


Hello, 

 

The SNIP, regardless of what network it resides in, needs to be able to reach the resources the users need to access. As for the IPs handed out, this network should be strictly isolated to the ADC and not overlap with any other networks, and routing will need to be set up so that the traffic from these IPs is sent back to the ADC, ideally to the SNIP in question.

 

Val
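
The two conditions in the reply above (an Intranet IP pool that overlaps no other network, and routing that returns traffic for that pool to the SNIP) can be checked against a planned address layout. This is an added example, not part of the original posts; every address, network name and the route-table format below is constructed for illustration.

```python
import ipaddress

def route_lookup(routes, addr):
    """Longest-prefix match over (prefix, next_hop) pairs; None if no route."""
    addr = ipaddress.ip_address(addr)
    best = None
    for prefix, next_hop in routes:
        net = ipaddress.ip_network(prefix, strict=False)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best[1] if best else None

def check_iip_design(iip_pool, snip, other_networks, internal_routes):
    """Return a list of findings; an empty list means both conditions hold."""
    pool = ipaddress.ip_network(iip_pool, strict=False)
    findings = []
    # Condition 1: the IIP pool must not overlap any other network.
    for name, cidr in other_networks.items():
        if pool.overlaps(ipaddress.ip_network(cidr, strict=False)):
            findings.append(f"overlap: IIP pool {pool} overlaps {name} ({cidr})")
    # Condition 2: the internal side must route the whole pool to the SNIP.
    # Checking both ends of the pool catches a route covering only part of it.
    for addr in (pool[0], pool[-1]):
        hop = route_lookup(internal_routes, addr)
        if hop != snip:
            findings.append(
                f"return-route: {addr} -> {hop or 'no route'}, expected SNIP {snip}")
    return findings

# Constructed sample layout (assumptions, not values from the thread).
SNIP = "192.0.2.21"                      # ADC SNIP in the DMZ
IIP_POOL = "10.99.0.0/24"                # Intranet IP pool handed to VPN clients
NETWORKS = {"dmz": "192.0.2.0/24", "internal": "10.10.0.0/22"}
# Internal router/firewall table before and after adding the return route.
BROKEN_ROUTES = [("0.0.0.0/0", "203.0.113.1")]
FIXED_ROUTES = BROKEN_ROUTES + [(IIP_POOL, SNIP)]

if __name__ == "__main__":
    for label, routes in (("before", BROKEN_ROUTES), ("after", FIXED_ROUTES)):
        print(label, check_iip_design(IIP_POOL, SNIP, NETWORKS, routes) or "OK")
```

With only a default route, replies from internal hosts to an Intranet IP leave via the default gateway instead of the SNIP, while SNIP-sourced traffic still gets its replies.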


Thank you for the quick response. My NetScaler is sitting totally in the DMZ and is not dual-homed with an internal IP. So let's say my NetScaler SNIP DMZ IP is 192.169.10.21; this IP should be able to reach any of my internal IPs, like 192.168.1.0/22, and vice versa?


The issue is that my firewall team tried and it is not working, and they are telling me the NetScaler needs to be dual-homed with one IP in the DMZ and one IP in internal. When we go intranet-IP-less, we can ping internal resources. As soon as we assign an IIP, all we can ping is the DMZ SNIP of the NetScaler.
