No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

How to set via NAT on the WI to actualize accessing all the internal user’s virtual machines through one external IP

Publication Date:  2012-11-12 Views:  38 Downloads:  0
Issue Description
The networking of a site is the simplified Desktop cloud (doesn’t have netscaler), its version is SingleCLOUD Solution V100R002C00SPC200. The customer requires accessing the user’s virtual machine though the external network and can login in the virtual machine via external or internal network. For example, the first virtual machine’s IP is: 192.168.100.2, the second one’s IP is: 192.168.100.5, and the external network IP is: 121.122.23.34.
Alarm Information
None
Handling Process
1. Login in one WI, select in turn: start-all programs-citrix-management-citrix web interface management, the system will appears the citrix web interface management interface in about one minute.
2. Select the “XenApp Web Sites-Vdesktop”, right-click the “Vdesktop” and select “Secure Access”, click “edit” in the ejecting box to change the “default” mode from “direct” to “translated”, and then click OK and the Next.
3. Click “ADD”, select the “User device route translation” in the ejecting “Add Address Translation”, write “192.168.100.2” in the “internal address”, select “80” in the “internal port”; write “121.122.23.34” in the “external address”, and in the “external port” we can write a value above 1024 (the small values are distributed into other application by the TCP system), click OK. Repeat the above operation, and then click ADD, we only need to modify the port ID, the “internal port” is “1494”(fixed), in the “external port” we can write any value above the 1024 (it must be different with the first one).
4. Add mappings for the second virtual machine, the method is similar with the step 3, write the IP as fact, take notice the port ID, for the twice adding, the “internal port” are “80”, “1494”(fixed) respectively, the “external port” can write two different values above 1024 (they are different with the step 3).
5. If there are more virtual machines need to add mappings, operate as the above steps.
6. After all the virtual machines have added the mappings, click “FINISH”.
7. Make the corresponding configuration of NAT mapping in the firewall, thus all configurations have completed.
8. Restart the node service of the IIS to make the configurations effective: “My Computer” ->>” Manage”, in the “Computer Manage” interface: “Services and Applications” ->> “Internet Information Services(IIS) Manager” ->> “Web Sites” ->> “Default Web Site”, right-click,  click “stop” firstly and then click the “start”.
Root Cause
1. We can login in the user’s virtual machine via external network and make NAT mapping on the WI, we can map multiple virtual machines to the same public network via different ports.
2. One WI has made the NAT configuration, the other one hasn’t made it, then the former can access via external network, and the latter can login via internal network.
3. There must take the corresponding configuration on the firewall as we did on the WI.
Suggestions
1. We must confirm that the “internal port” is “80”, “1494” and the “external port” are configured according to the rule while making mappings, pay attention that the “external port” is above the 1024. And we need make the corresponding configurations of NAT in the firewall.
2. We can login in the WI directly via the IP, or domain name. If we need to login via the domain name, we must publish this domain name into the network.

END