This issue wasn’t being seen from all remote workstations as it turned out to be dependant upon the type of Internet connection users were connecting from. For Example: A connection from a DSL line using PPPoE (PPP over Ethernet) consistently failed, whilst other connections, such as PPPoA (PPP over ATM) worked flawlessly. Further testing proved that this was due to an MTU issue.
cag
The Myth Surrounding Various End-Point Analysis Scans
There is a general misunderstanding with regards a few of the End-Point Analysis (EPA) scans provided with the Citrix Access Gateway Advanced Edition, and I find that the implementation of these scans is often not thought out correctly. There are three (3) specific scans that need to be explained.
- Domain Name Scan
- Registry “Watermark” Scan
- Antivirus Scan
Failover CAG Design Limitation
The Citrix Access Gateway Advanced Edition (CAG integrated into an AAC Farm) presents us with a design limitation that customers must understand so that the expectation of the level of redundancy built into the solution can be met.
Having multiple CAGs in place for failover only provides you with an automated and seamless failover mechanism for Secure Access Client (SSL-VPN) connections. This is as per design of the CAGs.
There are several limitations and issues that customers must be made aware of if using the failover CAG for access to File Resources, Web Resources, Web-Based Email, and Presentation Server Applications via Web Interface. i.e. Clientless connections.