If you have implemented DirectAccess for your users so that they could connect to corporate network whilst they work from home, you might have come across this issue while using Citrix. Users would be able to connect to Storefront portal and authenticate themselves but when they try to launch applications it fail. Users will also notice the below Citrix Receiver dialog with no apparent error messages.
The users who connect directly to Storefront without DirectAccess have no issues to launch applications.
When you have DirectAccess enabled on user PCs, it expects hostname/FQDN values for initiating traffic between the client and the DA gateway. By default, Citrix XenApp tries to connect on IP addresses to bypass the infrastructure reliance on DNS. So, we will need to find a way to switch that behaviour to an FQDN based connection initiation.
Let’s look at the .ICA files to see what’s in there. The below screenshot is of an ICA file that shows IP addresses. This setup will NOT work for DirectAccess connections.
To fix this, you will need to change a DNS parameter in XenApp/XenDesktop 7.x farms.
You will need to change the value from False to True
Set-BrokerSite -DnsResolutionEnabled $True
Running a Get-BrokerSite after that will show that the value has been changed from False to True
Now, let’s inspect the ICA file again. You can find the ICA files from your User profile folder. I had mine under
C:\Users\<username>\AppData\Local\Citrix\Web Helper v2\Temp
If you open the file in Notepad, you can see that the IP addresses have been replaced with FQDNs
That should resolve the issue.
Stay safe and Stay at home. Cheers people!!