Jump to content
Welcome to our new Citrix community!

AlwaysON VPN Machine Tunnel not establishing when Intranet IP assigned and Profile set to Only To Gateway

Recommended Posts

We are creating an AlwaysOn VPN configuration, using both Computer and User Tunnel.  ADC Fimware 13.0-76.29

We are attempting to assign an IP address to the device at Computer Tunnel creation, allocated at the Gateway Virtual Server level; then a User Intranet IP assigned at the AAA User or Group level at logon.

This works as expected when the AlwaysON Profile setting Network Access On VPN Failure is set to 'Full Access'.  Computer and User tunnels establish, each with their own allocated IP addresses.


When we change the AlwaysON Profile to 'Only To Gateway', we are unable to establish a Computer Tunnel when an Intranet IP is assigned.  Remove the Intranet IP allocation setting and it will connect.


We’ve tried adding the Intranet IPs to the client Whitelist reg key on the off chance, but no joy, and can't find any reference to limitations in allocating the IPs in the Citrix documentation.


Has anyone else come across this connection scenario and figured out a way of assigning the IP addresses when using OnlyToGateway or could give a pointer as to why we may not be able to make the machine tunnel connection with IPs assigned?

Thanks very much!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...