Citrix Access Gateway For Mac

2020. 4. 10. 10:55카테고리 없음

Here is the scenario: My company uses: Citrix Access Gateway Device Client: Citrix Access Gateway Client (available for windows only) Doesn't seem to be one for Mac. Seems like it is an SSL Device.

  1. Citrix Access Gateway Endpoint Analysis Mac
  2. Citrix Access Gateway
  3. Citrix Access Gateway Download

I want to be able to connect to the device and establish a VPN tunnel. That way I can get to my email via mail.app. Currently, I can get to my published applications (Outlook) on the Citrix server but I would prefer to forget about the published apps, unless I am at a client site and they block the VPN ports. I would much rather bring up the tunnel and connect via mail.app. Anybody have any great ideas? I believe Citrix have a beta version of the CAG SSL/VPN client - though it's only available to channel partners at this stage - I asked my friend at Citrix for an update on it only last week. I have a similar issue myself though my employer users Cisco VPN.

I run up a Parallels Windows XP virtual machine on my Intel Macbook and connect from that. Using Parallels you can then connect Mac applications through that tunnel, or at least you should be able too - Parallels allows you to run Mac apps on the VM. Not perhaps a solution for you especially if you don't have an intel Mac, but a possibility perhaps.

Hope this helps.

Citrix Access Gateway Endpoint Analysis Mac

Citrix Access Gateway For Mac

Follow: As many of you know, from Windows to Mac. Now that owning a Mac is so trendy there have been dozens of articles and blogs written about how to use a Mac in a corporate environment (hooking up to an Exchange server, firewalls, etc.). In this article, I'll share what I've learned and discovered about using a Mac as a Citrix / Terminal Server admin. (And no, I'm not going to talk about running Windows in a VM on a Mac. I'm talking about a 'real' Mac OS X in a Citrix and Terminal Server environment.). Using a Mac with a Terminal Server Let's start with Terminal Server.

First, yes, Microsoft makes an RDP client for Mac. They call it the Remote Desktop Connection for Mac, and you can from Microsoft.com. Right now the RDP Mac client is compiled for PowerPC processors, but of course this will seamlessly run on Intel Macs. (I have an Intel Mac.) The only weird thing is that client printer mapping only works from PowerPC-based clients. I assume that Microsoft will release a universal binary version soon that will fix this problem. A little quirk to keep in mind is that while cutting and pasting between the local and remote system works fine, you need to remember that each platform uses a different keystroke.

So to copy something from your desktop to a remote server, you would need to use OPTION+H on your desktop, and then CTRL+V in the remote session. I can't tell you how many times I think that the clipboard is broken only to finally realize I've been trying OPTION+C in the remote RDP session instead of CTRL+C. You can also connect to Windows Server 2003 console sessions with the Mac RDP client by holding down the Option key when you click the 'connect' button. The only thing that's super weird about the Mac RDP client is that only one instance of it can run at a time. So if you have a session open and you lauch the RDP client from the Applications folder, it will just pop your current session window to the foreground instead of popping up the box that allows you to connect to a second remote RDP session.

Fortunately there is a cool utility that fixes this problem called. RDC Launcher is this little app that spawns individual and separate instances of the RDP client software. So instead of clicking on the RDP client to open new windows to connect to other systems, you click on the RDC Launcher and it pops up another client. I use this every day and routinely have three or four RDP sessions connected at the same time. Using a Mac with Citrix Presentation Server As for Citrix, yes, Citrix offers an too. It's currently version seven-something (versus nine-something for the Win32 client), but it supports the main features like seamless windows, multiple connections, client printing, client drives and audio, etc. The Mac ICA client also fully supports MIME types in the normal way, so users accessing their applications via Web Interface can just click on an icon to run an application.

Gone are the days where the temporary ICA file had to be saved to the desktop and then double-clicked. There's no Program Neighborhood for the Mac, but that shouldn't really be a problem since it's compatible with Web Interface. The only really annoying thing about the Mac ICA client is that the Option+H hotkey combination is not passed through to the remote seamless application. In the Mac OS X world, Option+H 'hides' an application, which is kind of like minimizing an app in Windows except that hiding an app also removes it from the dock (the taskbar equivilant).

It would be cool if the Option+H command could be used to hide individual seamlessly-published apps, but instead it's intercepted by the local OS and ends up hiding the entire ICA client. Another cool way to access your ICA apps from a Mac is via the 'Powertoy' components on CDN. One of these components is a that's essentially an ICA Program Neighborhood Agent plug-in for Firefox.

This extension works fine with the Mac version of Firefox. Finally, you can connect to Windows PCs using Citrix's GoToMyPC product from a Mac, but a Mac cannot be the remote computer that you're connecting to. However, because the GoToMyPC viewer is Java-based, you won't be able to cut and paste between your local and remote programs. What's missing? The biggest bummer about this whole Mac / Citrix thing is that as of today, there is no Mac client for the Citrix Access Gateway. This is a huge bummer for me.

I guess it's kind of cool that Mac OS X has a pretty slick and totally integrated PPTP client, and I use it every day. But I still occasionally get stuck at a location that doesn't have the PPTP port open, and I'm jealous of my coworkers who can tunnel in via 443. The good news in that front is that I interviewed Mark Templeton last week, and I made a passing remark about the lack of a CAG client for the Mac.

Mark said that a Mac CAG client is definitely coming. Citrix is looking for strong Mac support since more and more are being sold, and Citrix needs to support whatever client devices the masses are using. To clarify, seamless windows is not supported with the MacOS X client. Individual published applications will run with a border around them. The Citrix Web Interface 4.x defaults to using the ICA Java client when using the Safari browser. The Java client does support seamless apps. However, there are a couple Citrix articles that describe how to change this behavior and give the users a choice.

Our company has a small Graphics Arts department with about 12 users mainly running Macs. With the advent of the Intel based machines and virtualization (Bootcamp and Parallels) Mac users have a lot of choices to run Windows apps. But so far ours seem to be sticking with Citrix since it doesn't disrupt their work and they can have the same access from both home and work. Add My Comment.

As an independent Windows consultant, I recently noticed an increasing number of Macs in several of my client's workplace. I ignored it. But as management began to request more and more of 'how can we use these Macs in the enterprise and connect to Windows AD?' Questions, I noticed I was saying 'I dont do Macs or Apple' one too many times. If I said it too much, they would find someone who would answer Yes.

So I got Mac Pro. How is this thing going to pay for itself, I thought. Then I had a client come to me with a project: They were all on an NT40 domain, with about 200 users. They wanted to migrate to W2K3 AD with minimum interference and not lose any computer accounts and user security accounts. Long story short- I used a PC running VMWare to create an NT40 BDC at their offices; then brought the BDC back to my lab. I then used the MAC runing Parallels and created multiple VMs and a VM running W2K3 as the control station.

The upgrade from NT40 to W2K3 ran flawlessly on the MAC VM and retained all user accounts and computer accounts. My client then wanted to change the Domain Name. Still using the MAC VM Parallels environment, I used the procedure: recommended by Microsoft for renaming a domain. I then got the client's 1U Supermicro server they planned on using as their new domain controller and used DCPROMO to migrate the AD information over to the fully-physical machine. I then demoted the MAC VM AD, migrated master roles, and that was it.

There was a little cleanup on the Supermicro needed to purge some metadata out of AD after I used DCPROMO to bring the Supermicro server online. I used this: to delete the extinct server metadata from the new AD. I could not have done this without the MAC. The PC VMWare did not like the NT40 VM after it was upgraded to W2K3 and I could not figure out how to get VMWare to see the new change in OS after the upgrade, so it crashed. The MAC VM Parallels product, on the other hand, upgraded smoothly. It warned me as I was booting into W2K3 that the OS had changed; so I changed the platform in a dropdown box, and that was it- instant upgrade.

William Lolli Tech Assist Inc Escondido CA Add My Comment. Hi there Brian, This is immensely helpful to those of us who use a Mac for accessing server-based application full-time or from our home machine. One thing I would like to add is that the latest Java ICA client supports more features (such as seamless windows) than the native Mac client and would be worth checking out. One major issue I have with the Mac client is the lack of support for this platform from vendors like Uniprint and ThinPrint. Neither of these vendors offer (working and usable) Mac support for their products which is very disappointing if these products are required for printing from a Citrix session. Add My Comment. Other issues that you might run into while using either of the Mac clients to access Citrix: Certificates.

Unlike Windows, neither the Mac client nor the Java client access the central Keychain keystore. What this means is that it is very unlikely that your Secure Gateway's certicficate will be supported 'out of the box' by either client. Adding certificates to the native client is not particularly difficult, and it is possible to add the certificate and re-bundle the client into a DMG with the cert included. The Java client is SIGNIFICANTLY more complicated.

Citrix Access Gateway

It involves using the command line to add the certificate to the java keystore. I really do hope that Citrix brings the Mac client up to date - usage of the Mac by folks at home has been increasing over the last two years a great deal. Matthew Add My Comment.

ORIGINAL: William Lolli Long story short- I used a PC running VMWare to create an NT40 BDC at their offices; then brought the BDC back to my lab. I then used the MAC runing Parallels and created multiple VMs and a VM running W2K3 as the control station.

The upgrade from NT40 to W2K3 ran flawlessly on the MAC VM and retained all user accounts and computer accounts. My client then wanted to change the Domain Name. Still using the MAC VM Parallels environment, I used the procedure: recommended by Microsoft for renaming a domain. I then got the client's 1U Supermicro server they planned on using as their new domain controller and used DCPROMO to migrate the AD information over to the fully-physical machine. I then demoted the MAC VM AD, migrated master roles, and that was it.

There was a little cleanup on the Supermicro needed to purge some metadata out of AD after I used DCPROMO to bring the Supermicro server online. I used this: to delete the extinct server metadata from the new AD. I could not have done this without the MAC. The PC VMWare did not like the NT40 VM after it was upgraded to W2K3 and I could not figure out how to get VMWare to see the new change in OS after the upgrade, so it crashed.

The MAC VM Parallels product, on the other hand, upgraded smoothly. It warned me as I was booting into W2K3 that the OS had changed; so I changed the platform in a dropdown box, and that was it- instant upgrade. It seems you are having a problem with VMware, remember when you upgrade NT4 to Win2k3 in VM, you need to upgrade the VMware tools or else the VM network driver would give you problems. I love how Mac users post these 'Mac to the rescue' posts. I've never had the problem you indicated here, in fact it could be done without Vmware with Microsoft's own free Virtual PC product. I find VPC better driver support then VMware, I use VMware for application development more.

Add My Comment. The last time I used Citrix ICA with a Mac, I discovered an odd 'undocumented feature.' Whenever I had a Microsoft Office program open, Command-C (copy) would interrupt the Citrix session. (Pulling down Edit Copy from the menu interrupted it too.) I'd have to quit all MS Office programs in order to successfully relaunch ICA. Since I was one of the only people using a Mac at my company (and the only one using Citrix over a Mac), the IT department didn't want to spend too many resources fixing the problem, so I wound up cutting-and-pasting (instead of copying). The company was on MetaFrame XP, and I hope Presentation Server has solved that problem.

Anyone else familiar with this hiccup, or was it unique to my old company? I have a choice of Mac or PC at my new Citrix-friendly company, and if this bug is still present, then it might alter my decision. Add My Comment. The biggest issue I face integrating Macs into our environment is the total ban on usernames and passwords - we require smart card authentication for all access to any resource. With Thursby ADmitMac middleware, we are now authenticating to the Mac and getting an AD Kerberos ticket (The Apple OS does not know what to do with the ticket), and VMware on the Mac works fine with a smartcard, except only one OS can own the SCM Microsystems reader. (Parallels cannot support our USB readers, and is a Russian based company causing other issues.) The RDP clients, from any source, do not appear to support smart cards either, which could be our way into the virtual machine.

Apple Mail or Microsoft Office 2004 Entourage for Mac cannot connect to our Exchange servers because no one knows their passwords because of the required smart card authentication enforced from the user account in AD. Until users can get to the GAL (for e-mail signing an encryption certificates), and interact with free/busy, they again cannot fit into our Enterprise, because we are 100% Microsoft Exchange. One solution requires IMAP (off in our environment) and the other WebDav or OWA - and OWA is now required to be off. Until vendors start taking smart cards authentication seriously, they will have issues getting into our environment.

BTW - Apple is not the only vendor. Linux and Solaris struggle here also. Microsoft has smart card authentication almost figured out - except for OWA, so we are not totally happy with them either. Another big issue is the lack of VPN support to the newer Cisco and Juniper devices, and again no smart card support. Also, almost every Apple patch and OS update breaks existing software. A perfect example is the Citrix ICA client for Macs. This makes them very difficult to manage.

Citrix Access Gateway Download

I don't want to come across as pro-Microsoft and anti-everything else, but I have requirements for our Enterprise and all products must measure up or be left behind. My stance, at the moment, is that Apples (and Linux) workstations are mere toys and are not Active Directory Enterprise ready.

Add My Comment.