APM and Citrix ICA file connectivity

Question

Having some challenges with 'what should be simple' NetScaler -&gt; F5 APM (Citrix 6.5 WI) migration and ICA files to successfully connect. Per the new iAPPs template and the fact that this is WI only scenario I've configured my front-end LTM (no xml brokers) and APM with typical policy along with variable assignment after users pass LDAP:&nbsp;
session.citrix.sta_servers
expr {";}&nbsp;
session.logon.last.domain
expr {"somedomain"} &nbsp;
:: I'm able to hit subdomain.com:8080 from CLI and /var/log/apm showing the server / sessions. I did notice that the server name I'm getting has some 'extra' chars in it though vs the ICA file when I open it. The ICA file also has server/tokens/proxy assigned when I look at it. &nbsp;
My error is that "Cannot connect to the server" on the Citrix Client after I launch the ICA. No "err" message in /var/log/apm. &nbsp;
Anyone run into or have any suggestions? Does the Ctrix server team need to add anything on the back-end WI? &nbsp;
Thanks for feedback!&nbsp;

jk303 · Answer

Version: 11.6.0 HF6&nbsp;

jk303 · Answer

Well looks like it was a Firewall as F5 was not able to communicate with actual Citrix Servers (inside the ICA) on TCP:2598 on behalf of the end-user. &nbsp;

Forum Discussion

APM and Citrix ICA file connectivity

2 Replies

F5 Academy at AppWorld 2026

Kostas Injeyan - October 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Azure F5 deployed using marketplace is unable to ping backend server

Behavior of masterkey on rSeries

Terraform AS3 code for GTM Only.

f5 client certificate forwarding

SSL Orchestrator and Layer 2 Service Integration

Related Content

Solution for Citrix Optimal Gateway Routing

Citrix iApps

Multi-Stores Citrix environment BIG-IP APM

Resolve Citrix Secure Ticket Authority (STA)

File Uploads and ASM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS