Re: issue with citrix listed applications

david_vz_ · ‎02-18-2009

hello

we have 2 citrix farms in our backend (one metaframe xp and the other xenapp 4.5 - 5.0)

For both we use listed applications.

When launching an app from the metaframe everything works fine

but when launching an app from the new environment we receive an error message:

connection error

"you do not have the proper encryption level to access this session"

Does anyone know what's happening here?

aterockz_ · ‎02-24-2009

I found the following in the net...

Citrix Server Farm Error: "You do not have the proper encryption level to access this Session."

The Citrix server requires 128 bit encryption. If your Citrix client is not set to use 128 bit encryption, you will receive the following message when you attempt to login:

You do not have the proper encryption level to access this Session.

To verify or update the encryption level, follow these steps:

Windows Users:

Start the Citrix Program Neighborhood.
Highlight your ARMS Server Farm connection icon.
Do not actually open the connection.
From the File pull-down menu, select Properties.
Click the "Options" tab.
Select "128 Bit" as the "Encryption Level" from the drop down box.
You may need to de-select "Use Custom Default" to change the encryption level.
Do not select "128 Bit for Login Only."

If you do not have the "Encryption Level" option, you need to upgrade your client software.
The following document will lead you through updating your client software:

Citrix Setup & Connection Instructions for Windows 9x/NT/2000/XP
Click OK.

But I don't know how you can cope this with the ssl vpn box.

Best regards,

Ate

fuman_ · ‎05-06-2009

Hi, I have the same issue with citrix listed applications (Metaframe 4.0) and was working on that with Juniper's support for over 3 weeks now. After hours of phone calls, collecting all possible dumps, logs and screenshots, uploading megs of information to Juniper (that guy at juniper really worked hard to get into it) they finally told me that there is probably an issue with Citrix if you use mandatory 128bit encryption on citrix side. They asked me to uncheck the "mandatory" checkbox on citrix serverside, because there are no options to change any settings on IVE side..

However I could not test that advisory yet due to other projects but i will soon check it out...., maybe you try and give a feedback, too.

Since I opened this Case this behaviour should be a known issue and i believe to remember that they told me that it will "maybe" fixed with 6.3R5 and 6.5R1..., no word about 6.4Rxxx

maybe this Information is helpful

ruc_ · ‎05-06-2009

Yes the workaround is to disable "minimum requirement" checkbox under Encryption (under Application properties) on the Citrix server (as mentioned above). I belive the fix on SA side will be in 6.2R6, 6.3R5 and 6.4R2

RobSWE_ · ‎05-08-2009

You can also use a java applet for the connection and add encryption level in the html-code

From ICA java admin guide:

Parameter Description
EncryptionLevel

The level of ICA encryption to use for an ICA connection.

Values are as follows:
0 = No encryption, 1 = basic encryption, 2 = RC5 128-bit
encryption during authentication only, 5 = RC5 128-bit
The default value is 1.