Document ID: CTX678219
This solution pertains to:

• Citrix Secure Gateway
• NFuse 1.61

This document explains how to enable CSG support in NFuse 1.61.

If a Web server contains the NFuse extensions that ship with Citrix Secure Gateway and NFuse 1.61 is configured for CSG support, users may receive the following error when attempting to launch applications:

"Internet Explorer was not able to open this Internet site. The requested site is either unavailable or cannot be found. Please try again later."

NFuse 1.61 offers native support for CSG, making the NFuse extensions that ship with CSG 1.0 unnecessary.

Resolution

To resolve this issue:

1. Uninstall the CSG NFuse extensions and NFuse 1.61.
2. Reinstall NFuse 1.61 and implement the CSG support by adding the following lines to the \Program Files\Citrix\NFuse\NFuse.conf file:

   SessionField.NFuse_CSG_Enable=On
   SessionField.NFuse_CSG_Server=csg-server.company.com
   SessionField.NFuse_CSG_ServerPort=443
   SessionField.NFuse_CSG_STA_URL1=http://STA_Server1/Scripts/CtxSta.dll

   where:

   csg-server.company.com is the fully-qualified domain name (FQDN) of the CSG Gateway. This FQDN must exactly match the subject of your gateway's SSL Server certificate, and all clients must be capable of resolving this FQDN to an IP address.

   • 443 is the TCP port where your CSG gateway service is listening for SSL connections. Clients must have access to this port on any firewalls that stand between them and the gateway.
   • STA_Server1 is the name, FQDN or IP address, of the server acting as a Secure Ticket Authority for CSG. Additional ticket authorities can be listed as NFuse_CSG_URL2 and so on for failover purposes.

      

3. NOTE: The Supplemental Guide for NFuse 1.61 suggests that you set SessionField.NFuse_Transport=HTTPS in order to enable CSG support. This change is not necessary.

After making these changes, save the NFuse.conf file and restart the IIS services by typing IISRESET at a command prompt.