Citrix

Users on Palo Alto GlobalProtect cannot connect to Citrix VDA

Published 9 May, 2024 | By James

In investigating issues with users on GlobalProtect VPN not being able to connect to Citrix VDA servers I bumped into this forum post. In investigating I first disabled the Packet Based Attack Protection > IP Drop > Fragmented traffic at Network > Network Profiles > Zone Protection > Profiles for GlobalProtect and the zone hosting the Citrix application.

While this didn’t solve the issue performing a packet capture of the client attempting to connect to the host did now populate the ‘drop’ capture with Fragmented IP protocol traffic as shown in the screenshot below.

This confirmed that the issue was MTU related and backed up the mention in the forum post about changing the MTU size in the ICA file that is pushed to the client.

Following this article How to configure MSS when using EDT on networks with non-standard MTU with the MTU set to 1384 allowed the connection to go through as expected, the IP Drop for Fragmented traffic was re-enabled and the client continued to be able to connect as expected.

Posted in Security | Tagged GlobalProtect, MTU, Fragmented, IPSec, Citrix | Leave a comment

What does it take to run a Citrix VDI-in-a-Box Proof of Concept?

Published 26 June, 2012 | By James

One of the wonderful things about Windows Server 2008 R2 Hyper-V is that any driver that was written for Windows 7 will also run in Server 2008 R2! As such its very easy to take any Window 7 compatible PC (with a processor that can do hardware assisted virtualization like the AMD A and FX series) and turn it into a Citrix VDI-in-a-Box proof of concept (POC).

In the video below you can see me doing just that with a HP 6465b notebook (AMD A6 powered) which has been enhanced with a OCZ Agility 3 SSD.

Read on as well for a list of parts that cost less than £265 (exVAT) that you could use to run your own proof of concept for 3-4 VDI users! Continue reading →

Posted in Software, Hardware, Virtualization | Tagged VDI, Citrix, SSD, 10zig, Citrix VDI-in-a-box, Hyper-V, Windows Server 2008 R2 | Leave a comment

RAID Cache and VDI

Published 11 April, 2012 | By James

For the past few days I’ve been doing a little performance testing to see just how much an influence RAID cache makes when provisioning Virtual Desktops.

The test was to create 20 virtual desktops and see how long it takes to get the first one spun up and ready for use and then to see how long it took to get all of the desktops ready for use.

The tests were conducted using-

Citrix XenServer
Citrix VDI-in-a-Box
HP DL385 G7 Server
8 core 2.0ghz HE AMD Opteron Processor
44GB DDR3 RAM
4x15k SFF 72GB SAS 6Gbs HDDs
HP P410i RAID Controller (1Gb cache)

the results (all times in mins and seconds) were-

Continue reading →

Posted in Virtualization, Servers | Tagged VDI, Citrix, VDI-in-a-Box, HP, Citrix VDI-in-a-box, RAID Cache | 1 Comment

Have a play with this sometime

Published 25 December, 2011 | By James

We all love VDI – it makes things simple to look after desktops but sometimes the back end is a little complicated. That’s where Citrix VDI-in-a-box comes in use!

With many other VDI products you will find that the setup process is all about getting the SAN ready, getting various installations of Windows server ready and then getting the VDI management/provisioning/connection broker software running – all of which takes a very long time.

The magic of VDI-in-a-box is in its simplicity which can be summed up in a few key points-

No need for a SAN – your compute nodes just have local hard disks, the ‘golden image’ is then replicated and duplicated locally on each compute node. Continue reading →

Posted in Virtualization | Tagged Citrix, VDI-in-a-Box, VDI | Leave a comment