Update: Accessing Citrix Web Interface over a Direct Access / UAG solution


Accessing a Citrix implementation over an Direct Access / Universal Access Gateway solution, in most implementations, will result in an error.  DA/UAG is a IPv6 based technology. The ICA file rendering on the Web Interface uses IPv4 addresses. IPv6 cant talk directly to IPv4. But this can be done with IPv4/6 transition technology’s like ISATAP. That again  will require the Web Interface to use a DNS names and not IPv4  addresses.

Here is a guide for a Citrix Secure Gateway & Web Interface implementation


If you are not using CSG, and if a Citrix client (receiver) connects over DA/UAG straight to the Citrix Web Interface underneath solution should work.  (if you use the correct IPv4/6 transition technology)

1) Enable XML service to use DNS address resolution (Citrix Policy’s)
2) Edit the Citrix Web Interface webinterface.conf file
3) Change the: AddressResolutionType=IPv4-port
     To the vallue: AddressResolutionType=DNS-port
4) Save and close the file and perform and IISReset

Will  need some further testing on this, 

Edit 12-4-201y3

Well that didn’t work…. But you might wan’t to try this:

Sollution adviced over here is just not going to work. There are some other (extra) issues with
receiver and webinterface. Something with additional communication to some components of Citrix.
We performed some more digging in DA/UAG and Citrix XenApp/Receiver. The only way we got it to work is to exclude the CSG/CAG (NS with CAG) External URL from the Direct Access / tunnel. You can do this in the UAG console if i am not mistaken. In Windows Server 2012 you can perfrom this with NRTP policy’s
So when end-users access citrix.company.com or portal.company.com the“traffic”  isn’t routed over the DA/UAG tunnel through the inside but access from the outside over their internet connection.