On Tuesday 10 October 2006 13:58, Young, Mike wrote: > I need some assistance with a strange Citrix problem we're having after > migrating to a new Squid proxy. > > First a little background. We run a shop where any Internet > connectivity must go through a proxy before reaching its destination. > For DNS, we run split-DNS, where we cannot resolve Internet names from > the inside. We have one internal squid proxy, which has been in place > for years, and another new squid, sitting dual-homed on the Internet > border. The old border proxy was "delegate". Any Internet destination > request must first go through the internal squid, which forwards the > request to the border squid (who then does name resolution, external > connectivity, etc). > > Recently, we switched from the delegate border proxy to the squid border > proxy, and most everything is working fine. However, we're having > problems with Citrix connections. > > We can connect to the Citrix server, and log in, but when we try to > start an application we see the Citrix MetaFrame application start, then > this error: > > "Cannot connect to the Citrix MetaFrame server. > The Citrix SSL Relay name could not be resolved (SSL error 40)" > > We can work around that error by putting entries in our > windows/system32/drivers/etc/hosts file, but still can't connect. > Instead, we get another error: > > "Cannot connect to the Citrix MetaFrame server. > There is no Citrix SSL server configured on the specified address." I understand how your Squids are set up. But I don't understand what Citrix has to do with it. For me Citrix is a software that allows Windows servers to offer terminal sessions for remote users. Where does HTTP/Squid kick in? Is Citrix SSL the "SSL VPN" stuff from Citrix? Do you use Squid as a reverse proxy and force external users through it? Apologies, but I'm confused here. Christoph
