Jump to content

Citrix over a VPN connection

Michael Payne

Recommended Posts

Current setup is having users connecting via VPN(PaloAlto) to the internal Storefront servers. We now implementing new Storefront servers and gateways split tunneling that connection to the external gateway as is "best practice" or at least used to be. We're being asked for data to show that it's better that way than our current method. I have a bit of internal tester data but I haven't had a lot of luck finding anything conclusive. Does anyone have any sources showing the benefits of a pure Citrix connection to a gateway without vpn overhead?

Link to comment
Share on other sites

Citrix Gateway ICA Proxy allows a single protocol/port number: SSL 443 on front-end, ICA 2598 on back-end. The only internal machines that ICA Proxy connects to are Citrix VDAs. This is much more restrictive than a full VPN that allows a VPN client machine to connect to almost any internal machine on any protocol/port number.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...