Hanré Van Rensburg Posted May 10, 2012 Share Posted May 10, 2012 Hi, I have just installed NS VPX and configured an AGEE site that should just automatically pass through to WI. What I get at the moment is that when I browse to the site externally with a URL https://server.fqdn it redirects to https://server.fqdn/cgi/setclient?wica and it never goes anywhere further than that. It is configured to go to WI 5.4.2 on IIS6 on a Windows Server 2003 x86 server. Does anyone have any ideas on how to fix this? Cheers, Hanré Link to comment Share on other sites More sharing options...
Wee Sern Soo Posted May 13, 2012 Share Posted May 13, 2012 I've seen similar behavious with a partner organisation's Netscaler/virtual CAG EE to a 5.1 I think WI. It hangs at the setclient URL and then finally gets through after about 40 seconds. Not very user friendly nor help desk friendly. If you find the solution, please let us know what it is. Edited by: soozws on 13/05/2012 7:08 AM Link to comment Share on other sites More sharing options...
Hanré Van Rensburg Posted May 14, 2012 Author Share Posted May 14, 2012 I managed to find the problem! We got the same errors below when using WI on the NetScaler. What we didn't know is that TCP80 was not open between the WI vServer on the NetScaler for XML communication to work. Once this port was opened up everything started working! Link to comment Share on other sites More sharing options...
john smith1709152637 Posted May 28, 2012 Share Posted May 28, 2012 how can I open 80 port on the netscaler? Link to comment Share on other sites More sharing options...
Hanré Van Rensburg Posted May 28, 2012 Author Share Posted May 28, 2012 TCP80 or 8080 internally on the NetScaler is already as that is the port (TCP8080) it uses internally for Web Interface. The port I was referring to is one on the FW we needed to open between the servers hosting XML services and the WI hosted on the NetScaler. Link to comment Share on other sites More sharing options...
Robert Zinnecker Posted September 12, 2012 Share Posted September 12, 2012 hi, i have the same problem. i have between no firewalls or other things. please help! Link to comment Share on other sites More sharing options...
Afro Jalloh Posted September 28, 2012 Share Posted September 28, 2012 I had the same problem and had to capture traffic to figure out what was going on. I think there is an intelligence build in the Netscaler (in my case MPX 7500 build 9.2) that detect man-in-the-middle attack between itself and the web interface. It is nomally between client and Netscaler. If an alert is triggered it reset the TLS connect with the client by sending Encryption Alert message.The client would reconnect again. This cycle will continue until the browser times out In my case the false positive was triggered because the IP address of the web interface was a windows NLB. The second case was a configuration setting of the network card teaming mechanism to load balance between 2 interface cards. When a Netscaler detect an asynchronous session it assumes a man-in-the-middle attack and reset the connection with the client. Firewalls, NAT can also cause asynchronous session My solution In case 1 we supplied the WI address instead of the NLB address. In case 2 we reconfigure the teaming setting not to load balance between the interface. Netscaler has a Loadbancing feature which can be used to achieve high availability of web interfaces. Link to comment Share on other sites More sharing options...
nitin chitkara Posted March 24, 2015 Share Posted March 24, 2015 Seems to be session policy issue. http://citrixtroubleshootingsteps.blogspot.in/2015/03/hangs-on-setclientwica.html Link to comment Share on other sites More sharing options...
Pradeep Muni Gowreesha Posted October 5, 2016 Share Posted October 5, 2016 Refer to http://discussions.citrix.com/topic/347718-hangs-on-setclientwica/ to troubleshoot this issue. 2 Link to comment Share on other sites More sharing options...
Mark Kroehler 2 Posted June 20, 2019 Share Posted June 20, 2019 I'll second Pradeep's answer... Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now