Firewall Wizards mailing list archives
RE: Citrix ICA through port 80?
From: Bill Stout <Bill.Stout () aristasoft com>
Date: Mon, 14 Feb 2000 13:44:51 -0800
Nope. Tell them to dial up from home. You could publish an html page which has a hyperlink to an ICA file, but then you fire up port 1494/tcp within or outside the browser anyway. You could get restrict all access to port 1494 and use the Secure ICA product for 40/56/128bit RC5 encryption. See: http://www.citrix.com/products/sica/sicawp/start.htm Also see "Using Firewalls With WinFrame": http://www.citrix.com/support/solution/sol00053.htm Some time ago Citrix bought a company which displays the Windows App GUI through a Java interpreter, so hope springs eternal. SCO Taranella could be used to front-end the WTS box to preserve session state, but it then uses ports 3144/tcp and 5307/tcp (SSL). Make sure your 'demo' system is isolated and can't talk to anything else, since once a WTS/Citrix system is on the Internet, it's only a matter of time until someone 'owns' it. None of this solves the problem of punching a hole through the remote firewall. Bill Stout
-----Original Message----- From: SF BA [mailto:sfba121 () yahoo com] Sent: Thursday, February 10, 2000 5:25 PM To: firewall-wizards () nfr net Subject: Citrix ICA through port 80? I know that some of you will consider this a bad thing ... that aside, I still need to figure out my options. We have a demo that runs on Windows Terminal Server and Citrix MetaFrame. Some of our potential customers have firewalls setup that block their users from going out on unknown ports (if they don't have Citrix installed already, then they'll block the ports that ICA uses). I was wondering ... is there a way to set things up so that people can connect to our terminal server without having to involve their IS departments? Tunneling over http on port 80, perhaps? Thanks! __________________________________________________ Do You Yahoo!? Talk to your friends online with Yahoo! Messenger. http://im.yahoo.com
Current thread:
- Citrix ICA through port 80? SF BA (Feb 11)
- Re: Citrix ICA through port 80? Ivan Fox (Feb 12)
- Re: Citrix ICA through port 80? Crispin Cowan (Feb 14)
- Re: Citrix ICA through port 80? Lance Spitzner (Feb 15)
- Re: Citrix ICA through port 80? Crispin Cowan (Feb 14)
- Re: Citrix ICA through port 80? Mikael Olsson (Feb 12)
- <Possible follow-ups>
- RE: Citrix ICA through port 80? Troy Henley (Feb 12)
- Re: Citrix ICA through port 80? fgb (Feb 12)
- RE: Citrix ICA through port 80? Henry Sieff (Feb 14)
- RE: Citrix ICA through port 80? Bill Stout (Feb 15)
- RE: Citrix ICA through port 80? Sigler, Karl (Feb 15)
- Re: Citrix ICA through port 80? TC Wolsey (Feb 16)
- Re: Citrix ICA through port 80? Ivan Fox (Feb 12)