It’s a problem coming up every now and then: I can’t connect to a certain Citrix VDA, but can connect to all/some others. If your problem is a more general one, continue reading here
My first guess would always be a L4 problem, but “I opened up all firewalls”. Never open too much, and maybe it’s not an issue about firewalls.
First of all, it’s not the STA (believe me, or not, the STA is never guilty, if it works, but fails with always the same machines).
How to trouble shoot?
Well, I already told you. it’s the Citrix (NetScaler) Gateway not being able to connect to the VDA. So it has to be a layer 3/4 problem. A TCP/IP problem. There are several methods to narrow down tis issue.
You could do a network trace to see if a firewall is blocking. I guess, it’s not, and you won’t see any traffic.
So what to do?
Easy like that: I create a “fake service” in my ADC, type TCP, port 2598, pointing to the VDA.
I’m wrong about my diagnosis, if this service appears to be up. Stop reading here, your issue is an issue I don’t understand.
If it’s not up, click at 1 Service to Load Balancing Monitor Binding.
- Failure: Probe failed means, Citrix ADC sent a SYN packed, but didn’t receive a SYN/ACK. It’s a Layer 3/4 problem, a firewall is blocking communication
- Last Response: Failure – No MIP/SNIP available to send the monitor probe means, Citrix ADC had no route to the destination IP.
If you would have watched communication using a network monitor, you would have seen not a single packet, just because Citrix ADC (NetScaler) didn’t know from which IP to send its probe. You’ll have to connect Citrix ADC to this network by creating a SNIP, or add a route into this network. You’ll see this service going up immediately. Try using Citrix Workspace App (Plug-In for published applications, ICA client) in most cases your problem will be gone.