Friday, August 20, 2010

Event ID 1028 and CITRIX through a firewall

Today I have faced a problem with our CITRIX farm. Connecting to the CITRIX web interface on http://citrixserver/Citrix/MetaFrame/auth/login.aspx nothing happened during the authentication process for our users and on the citrix application server a error event 1028 was recorded :

Event Type: Warning
Event Source: TermService
Event Category: None
Event ID: 1028
Date: 20/08/2010
Time: 15:56:39
User: N/A
Computer: servername
Description:
The terminal server client servername has been disconnected because its license could not be renewed. The license server was contacted to get Windows Server 2003 - Terminal Server Per Device CAL Token. license for this client.

I quickly discovered that our security administrator had changed firewall rules between our site and the remote Licensing server. Packets to port 445 were discarded by the firewall.

So, in order to request Terminal Services client access licenses (TS CALs), you must get this kind of traffic allowed. Port 445 is for directory access, and you need that port open for user authentication. No way you can do without as far as I know.

No comments:

Post a Comment

Related Posts Plugin for WordPress, Blogger...