APM and Citrix ICA file connectivity

Question

Having some challenges with 'what should be simple' NetScaler -&gt; F5 APM (Citrix 6.5 WI) migration and ICA files to successfully connect. Per the new iAPPs template and the fact that this is WI only scenario I've configured my front-end LTM (no xml brokers) and APM with typical policy along with variable assignment after users pass LDAP:&nbsp;
session.citrix.sta_servers
expr {";}&nbsp;
session.logon.last.domain
expr {"somedomain"} &nbsp;
:: I'm able to hit subdomain.com:8080 from CLI and /var/log/apm showing the server / sessions. I did notice that the server name I'm getting has some 'extra' chars in it though vs the ICA file when I open it. The ICA file also has server/tokens/proxy assigned when I look at it. &nbsp;
My error is that "Cannot connect to the server" on the Citrix Client after I launch the ICA. No "err" message in /var/log/apm. &nbsp;
Anyone run into or have any suggestions? Does the Ctrix server team need to add anything on the back-end WI? &nbsp;
Thanks for feedback!&nbsp;

jk303 · Answer

Version: 11.6.0 HF6&nbsp;

jk303 · Answer

Well looks like it was a Firewall as F5 was not able to communicate with actual Citrix Servers (inside the ICA) on TCP:2598 on behalf of the end-user. &nbsp;

Forum Discussion

APM and Citrix ICA file connectivity

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Multi-Stores Citrix environment BIG-IP APM

CSV to Address External Datagroup File

Site-to-Site Connectivity in F5 Distributed Cloud Network Connect – Reference Architecture

Resolve Citrix Secure Ticket Authority (STA)

Extract Citrix Secure Ticket Authority (STA)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS