Jump to content
Welcome to our new Citrix community!
  • 0

Required TCP/UDP ports for citrix Workspace


Andrea Canova

Question

Dear all, we currently have a XenDesktop 7.15 farm with redundant netscaler, storefront, delivery controller and VDA: actually we don't publish anything on public network but we have to configure a specific "secured" vpn profile that allows few remote users to use Citrix Apps/Desktop.

I'm currently a bit confused on the specific ports that we should allow and i'm trying to gather information from https://support.citrix.com/article/CTX101810#XenDesktop_XenApp

and this is my list so far:

  • Client to Active Directory domain controllers
    • DNS (tcp/udp 53) in order to give name resolution to the remote client
  • Client to Storefront servers
    • Http/Https (tcp 80/443) to Storefront for Citrix Workspace communication
  • Client to Vda
    • ICA/HDX (tcp/udp 1494) for access to applications and  virtual desktops
    • ICA/HDX with Session Reliability (tcp/udp 2598)  for access to applications and  virtual desktops
    • ICA/HDX over SSL (tcp 443) for access to applications and  virtual desktops
    • ICA/HDX from HTML5 Receiver (tcp 8008) for access to applications and  virtual desktops
    • ICA/HDX Audio over UDP (udp 16500-16509) for ICA/HDX audio
    • ICA/HDX Framehawk (udp 3224-3324)

 

Am i missing something?

 

Thank you for your support.

Link to comment

2 answers to this question

Recommended Posts

  • 0

Andrea,

If you are trying to setup an Access Gateway type of access, you will need to have the firewall team open port 443 for the Netscaler VIP on the external firewall. 

Then you will need to request the firewall team to allow traffic coming from the internal Netscaler SNIP directed to:

 

1) Storefront servers on port 80 or 443 whichever you are using

2) Citrix VDA port 1494 tcp  or 2598 I think that's udp if you are using Session reliability

 

ICA/HDX over SSL (tcp 443) is going to be from outside, you should have to worry about this.  

 

I'd focus on these conversations to start. We are not using the other options in my environment.

 

Do you speak Italian too?  

 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...