Jump to content
Welcome to our new Citrix community!
  • 0

TCP Socket redirection (TCP port randomization) for apps


William Williams

Question

I have an app that opens a TCP listening socket on the XenDesktop server. The apps thinks its opening port 4321 (just as an example), but when I use 'netstat -an' I can see that port isn't opened.

I used sysinternals process explorer to identify that the listening port is changed to something high like 22443, which is semi randomized each time the app is started.

 

What process/policy within the Citrix stack does this redirection/randomization?

How can I force it to use the correct/original port number?

Link to comment

3 answers to this question

Recommended Posts

  • 0

Hi,
If you install the app in a server without any Citrix software it works always in the same port? I think that Citrix policy cannot redirect ports for an specific application. I believe that this is not a Citrix Issue.

If you install the app in a server outside Citrix infraestructure ands works always in the same port, you can test what modify the port, by installing one software a time and check the app port.

Regards.

Link to comment
  • 0
14 hours ago, Nicolaacutes Ventre said:

Hi,
If you install the app in a server without any Citrix software it works always in the same port? I think that Citrix policy cannot redirect ports for an specific application. I believe that this is not a Citrix Issue.

If you install the app in a server outside Citrix infraestructure ands works always in the same port, you can test what modify the port, by installing one software a time and check the app port.

Regards.

 

Yes, and its not just one app, but any app that opens a listening TCP port. I'll use "iperf3.exe -s" as an example. It opens TCP 5201 by default. When I run that on a regular Windows 2016 server, or Win2016 RDSH Server, it works as expected, and opens TCP 5201. When I run it on my Citrix server, the commandline output from iperf3.exe says its opened 5201, but "netstat -an | find ":5201"" shows that port is not open, and procexp shows iperf.exe has instead opened a high port like 22443.

We are also using PVS, applayering and FSLogix. Are any of those things likely to cause that behavior?

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...