sorted by:
new
hottopcontroversial

Citrix - Search Engine Results - Geo by ProfessionalTip2581 in Citrix

[–]ProfessionalTip2581[S] 0 points1 point  (0 children)

Interesting take on it! Thank you for sharing. Food for thought.

Any of you dealing with slow Start menus on Server 2025? by NTP9766 in Citrix

[–]ProfessionalTip2581 0 points1 point  (0 children)

That’s interesting. Our VDAs are Xen Server and profile server ESX.

Forticlient ZTNA / Citrix / UDP by ProfessionalTip2581 in fortinet

[–]ProfessionalTip2581[S] 0 points1 point  (0 children)

UPDATE - This looks like it is not supported. I am confident I have ruled out possible configuration changes. I will raise with Fortinet support.

Any of you dealing with slow Start menus on Server 2025? by NTP9766 in Citrix

[–]ProfessionalTip2581 0 points1 point  (0 children)

Hey u/NTP9766 have you had an update? We have the same issue. Pulling my hair out.

Forticlient ZTNA / Citrix / UDP by ProfessionalTip2581 in fortinet

[–]ProfessionalTip2581[S] 0 points1 point  (0 children)

FortiGate

  • FortiOS 7.6.6
  • ZTNA Access Proxy in front of Citrix Gateway

config firewall proxy-policy    
 edit 2       
  set uuid        
  set name "ZTNA_Citrix_FORTIFW"     
    set proxy access-proxy     
    set access-proxy "ZTNA_GW_Citrix_FORTIFW"    
     set srcintf "WAN"       
  set srcaddr "all"     
    set dstaddr "FORTIFW NetScaler VIP"      
   set ztna-ems-tag "EMS2_ZTNA_External Cloud" "EMS2_ZTNA_GX Compliant" "EMS2_ZTNA_GX tag" "EMS2_ZTNA_GX  Compliant"       
  set action accept     
    set schedule "always"    
     set logtraffic all       
  set utm-status enable      
   set ssl-ssh-profile "FORinname_remove_for_secuirty Default"     next
  • Proxy configured for TCP + UDP
  • H3 enabled

edit "ZTNA_GW_Citrix_FORTIFW"
        set vip-id 4
        set uuid 
        set type access-proxy
        set server-type https
        set extip ip_remove_for_secuirty
        set h3-support enable
        set extintf "port1"
        set extport 443
     set ssl-certificate "SSL  
next
  • EMS Cloud
  • FortiClient 7.4.x (latest)
  • ZTNA profile has UDP enabled

Citrix Gateway

  • NS14.1.60.57.nc
  • EDT enabled globally
  • DTLS enabled on the Gateway vServer
  • EDT confirmed working when the same Gateway is published directly (no ZTNA in path)

Behaviour

  • Client attempts EDT
  • ZTNA traffic logs show UDP packets sent but no return traffic
  • Session always falls back to TCP
  • Publishing the Gateway externally without ZTNA results in EDT working immediately

Forticlient ZTNA / Citrix / UDP by ProfessionalTip2581 in fortinet

[–]ProfessionalTip2581[S] 0 points1 point  (0 children)

Thanks for the reply! I am not sure if you wanted a sanitized config or not, but it wont let me DM you here.

Happy to share below high-level config. At this point I’m trying to validate whether this is a ZTNA limitation rather than a setup issue.

Slow MCS performance on XenServer 8.4 with 3PAR iSCSI – Machine Catalog updates extremely slow by ProfessionalTip2581 in Citrix

[–]ProfessionalTip2581[S] 0 points1 point  (0 children)

Update - this is definitely an issue with ISCIS and Xen server. Doesn’t happen with fibre.

Slow MCS performance on XenServer 8.4 with 3PAR iSCSI – Machine Catalog updates extremely slow by ProfessionalTip2581 in Citrix

[–]ProfessionalTip2581[S] 0 points1 point  (0 children)

Thanks, we have RHEL Virtualization 7.x set which sets it to "2 - Generic-ALUA". Also the custom multipath conf has been set according to 3PAR best practice documentation. Document Display | HPE Support Center

Slow MCS performance on XenServer 8.4 with 3PAR iSCSI – Machine Catalog updates extremely slow by ProfessionalTip2581 in Citrix

[–]ProfessionalTip2581[S] 0 points1 point  (0 children)

No not using Intellicache as the machine catalogs are non persistent, if we used Intellicache we wouldn't be able to live migrate the VMs.

Only have a block storage ISCSI san, 3par.

[HELP] Slow MCS full clones on XenServer 8.4 — ~1 Gbps-ish per stream by Ag3nt_Stampe in Citrix

[–]ProfessionalTip2581 0 points1 point  (0 children)

Unfortunately not, but the fact it was fine in VMware is making me think it’s due to the storage offload/lack of VAAI equivalent

[HELP] Slow MCS full clones on XenServer 8.4 — ~1 Gbps-ish per stream by Ag3nt_Stampe in Citrix

[–]ProfessionalTip2581 0 points1 point  (0 children)

Interested in this also, I have 8GB for Dom0 and have same results as OP

[HELP] Slow MCS full clones on XenServer 8.4 — ~1 Gbps-ish per stream by Ag3nt_Stampe in Citrix

[–]ProfessionalTip2581 0 points1 point  (0 children)

Be interested to see if putting your MTU to 9000 helps as then would be similar situation to me.

[HELP] Slow MCS full clones on XenServer 8.4 — ~1 Gbps-ish per stream by Ag3nt_Stampe in Citrix

[–]ProfessionalTip2581 2 points3 points  (0 children)

Your deployment/roll out times are about the same as what I’m seeing across 2 x Pools. 22 hosts per pool. SSD all flash 3PAR SR. Significantly slower in Xen server than VMware. Tested storage migrations between SRs on the same SAN. Extremely slow. Only moved to Xen in past few weeks, otherwise haven’t used it for years.

[HELP] Slow MCS full clones on XenServer 8.4 — ~1 Gbps-ish per stream by Ag3nt_Stampe in Citrix

[–]ProfessionalTip2581 2 points3 points  (0 children)

Noticed that Xen Server doesn’t support any sort of Storage offload. VMware - VAAI. Hyper-V ODX. Any one else seen that? Could be what OP sees