Citrix Access Gateway Issue

Discussion in 'ESET Smart Security' started by zarzenz, Sep 19, 2012.

Thread Status:
Not open for further replies.
  1. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    I use the Citrix Access Gateway to connect to my company intranet and have had no problems doing so until yesterday when I'm getting an error message when the gateway application tries to launch.

    It says... Unable to launch your application. Cannot connect to the Citrix XenApp server. SSL Error 37: The proxy could not connect to ;10;STAEBC8C95FB742 (then lots more letters and numbers) port 1494.

    I have the firewall on interactive and have always allowed the Citrix application access and this has not changed. But if I disable the firewall then it connects with no problem just like it used to before.

    So has anything happened in a recent ESET update to have caused this.

    I don't want to disable the firewall even for a few seconds so I really need to resolve this issue as othewise I can't do my work related stuff here at home.
     
  2. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    Like in cases when certain communication is blocked, do the following:
    - enable logging of blocked connections in the IDS setup
    - reproduce the issue
    - paste here the relevant records from your firewall log.
     
  3. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Thanks Marcos, I will try this and report back with any such resulting record.
     
  4. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Marcos, I just tried it and got this logged...

    19/09/2012 22:18:46 Communication denied by rule 192.xxx.x.x:xxx 192.xxx.x.xxx:xxx UDP Block NETBIOS Name Service requests System
     
  5. Marcos

    Marcos Eset Staff Account

    Joined:
    Nov 22, 2002
    Posts:
    14,374
    By default, NETBIOS is allowed in the Trusted zone only. Make sure your local subnet (probably 192.168.1.0/255.255.255.0) is in the Trusted zone.
     
  6. zarzenz

    zarzenz Registered Member

    Joined:
    May 19, 2002
    Posts:
    449
    Location:
    UK
    Hi Marcos, and just to update you, I have not made any known changes to the trusted zones and in fact if I'm honest I don't really know how to do all that subnet stuff anyway. I also mainly use Chrome as my browser and so I would need to do some searching on how to set up the zones there and as I get the same issue if I try IE9 then that would also need to be set.

    However having said all the above, I just called my company IT desk and they told me this is actually a known issue that they are working on to resolve.

    I was then able to advise them about this NETBIOS being blocked and that this is just a recent situation so maybe this will help them track down whatever has changed in the Citrix application at their end.

    Many thanks for your information that led me to this stage.

    This is such a wonderful support you give to us all.
     
Thread Status:
Not open for further replies.