Alerts     Sign In
Rate this Article:
You must be signed in to rate again
 Article Feedback Print View
Alternate Languages: N/A

Fixed Issues Readme for Citrix Access Gateway Version 4.5.6

Document ID: CTX115403   /   Created On: Nov 13, 2007   /   Updated On: Nov 13, 2007
Average Rating: 4

Issues Fixed in this Release

Citrix® Access Gateway ™ Standard Edition 4.5

Product: Citrix Access Gateway Standard Edition
Current Product Version: 4.5.6
Previous Product Version: 4.5
Language: English (EN)
Fixed Issues List: 1.0

The following issues have been fixed since the previous release of this product. For information about new features and system requirements, see the product administration guides. For more information about fixed issues with Version 4.5.6, see Knowledge Center Article CTX115378 on the Citrix Support Web site.

  1. If a file is larger than 512 megabytes(MB), the file download stops without an error message.

    [From AG_v451][#23891]

  2. When connecting to the Access Gateway Administration Desktop, the Remote Administration Terminal is connecting to the proxy address even though the Access Gateway is on the exception list in Internet Explorer.

    [From AG_v451][#23900]

  3. When users connect to an Access Gateway Advanced Edition logon point and there is a connection policy configured to start the Secure Access Client, if the installation fails the error message is behind the Secure Access Client window.

    [From AG_v451][#23901]

  4. The DNS Client service on client computers stops when the Secure Access Client connects.

    [From AG_v451][#23914]

  5. Similar user group names do not appear on the Group Priority tab.

    [From AG_v451][#23916]

  6. Some Access Gateway logs are not displayed in the Administration Tool.

    [From AG_v451][#23917]

  7. Intermediate server certificates that are part of the merlin.pem certificate file are missing when the certificate is uploaded to the Access Gateway.

    [From AG_v451][#23945]

  8. When the Access Gateway is upgraded to Version 4.5, client computers do not receive all of the network resources.

    [From AG_v451][#23953]

  9. The Access Gateway is reported as offline when using the monitoring tool Sitescope.

    [From AG_v451][#23955]

  10. There is an infinite loop in Connection Manager.

    [From AG_v451][#23956]

  11. The Access Gateway stops accepting or forwarding connections to the server running Access Gateway Advanced Edition.

    [From AG_v451][#23957]

  12. The Access Gateway appliance stops responding with the error message HTTP error 500 when connecting to Access Gateway Advanced Edition.

    [From AG_v451][#23958]

  13. The Administration Tool reports that the license server is not available and is entering the grace period.

    [From AG_v451][#24006]

  14. When a Citrix Presentation Server Client connection is redirected to the Web Interface, the client software stops responding.

    [From AG_v451][#24012]

  15. If the Access Gateway appliance is changed to a license server, instead of receiving licenses from a different appliance on the network, the change is not accepted.

    [From AG_v451][#24025]

  16. If users connect to Access Gateway Standard Edition Version 4.5.1 using Secure Access Client Version 4.5 or earlier, the automatic upgrade to the newest version of Secure Access Client might fail. If this happens, have users connect to the Access Gateway portal page and start the Secure Access Client from the portal page. This automatically installs Secure Access Client Version 4.5.1 on the client computer.

    [From AG_v451][#24032]

  17. Cannot use the Fully Qualified Domain Name (FQDN) when configuring an LDAP realm.

    [From AG_v451][#24034]

  18. End users experience incorrect RADIUS authorization failures when logging on to the Access Gateway and RADIUS groups are not retrieved for users who are part of an associated group(s) on the RADIUS server. This fix does not involve any change in the configuration on the Access Gateway or RADIUS server.

    [From AG_v452][#23269, #24087]

  19. If a WINS server is configured on the Access Gateway appliance, when the user logs off from the Secure Access client, File and Printer Sharing and Client for Microsoft Networks are disabled.

    [From AG_v452][#23909, #23910, #24089]

  20. When McAfee Host Intrusion Prevention System is installed on a client computer, and the client connects using the Secure Access Client with Access Gateway Advanced Edition, when the user tries to start an application, Windows Explorer fails and the Secure Access Client icon disappears from the notification area.

    [From AG_v452][#24083]

  21. Downloading files larger than 512 megabytes through the Access Gateway fail.

    [From AG_v452][#24085]

  22. When users attempt to log on using the Endpoint Analysis Client, they cannot log on if the Web site is not trusted.

    [From AG_v452][#24088]

  23. If DNS servers in the secure network are unresponsive or have errors, the Access Gateway can take 20 minutes or more for retrying a DNS query. This can also occur if a DNS server is not configured and the Access Gateway has host table entries configured.

    The Access Gateway fails when configuration changes in the Advanced Access Control option are sent to the appliance and then the client device.

    [From AG_v452][#24140]

  24. If an FQDN name contains two dashes (--), the FQDN is truncated by the Administration Tool, preventing configuration of a Network Time Protocol (NTP) server.

    [From AG_v452][#24224]

  25. Starting in the spring of 2007, the Daylight Saving Time start and end dates for the United States transitions to comply with the Energy Policy Act of 2005. The dates in the United States start three weeks earlier (2 a.m. on the second Sunday in March) and end one week later (2 a.m. on the first Sunday in November).

    [From AG_v452][#24226]

  26. When the Access Gateway is upgraded to Version 4.5.1, the fully qualified domain name (FQDN) for the LDAP server is truncated if it is longer than 30 characters.

    [From AG_v452][#24229]

  27. If the administrator password is longer than 16 characters, you cannot log on to the Administration Desktop.

    [From AG_v452][#24230]

  28. The certificate for kiosk mode Java archives is updated.

    [From AG_v452][#24231]

  29. When the Secure Access Client is started from the desktop icon, and users are connecting to a logon point, the taskbar button displays "Shutting Down" and the portal page is not displayed for a significant amount of time.

    [From AG_v452][#24232, #24244]

  30. The Access Gateway fails when an invalid certificate is installed using the Administration Portal.

    [From AG_v452][#24234]

  31. When a user name contains a space, is configured for LDAP authentication, and the Access Gateway uses the default portal page, when the user selects A Private Computer, the space is replaced with a plus sign (+) and authentication fails.

    [From AG_v452][#24235]

  32. The Web address in the Secure Access Client Properties has a 26-character limit when connecting to the Access Gateway and Advanced Access Control option.

    [From AG_v452][#24236]

  33. Logon scripts run only when a user logs on to the default realm.

    [From AG_v452][#24237]

  34. Log messages sent to a syslog server are truncated.

    [From AG_v452][#24240]

  35. When the Secure Access Client is installed, it is added to the user's Application Data folder. If the Secure Access Client is uninstalled from the user's computer, it is not removed from the Application Data folder.

    [From AG_v452][#24243]

  36. If DNS servers are removed, changed or added, users cannot log on through the portal page to the Web Interface, or launch applications with Citrix Presentation Server Clients, until the Access Gateway is restarted.

    [From AG_v452][#24246]

  37. When creating an LDAP authentication realm, users cannot type in the FQDN.

    [From AG_v452][#24247]

  38. This fix addresses a security vulnerability. For more information, see Knowledge Center article CTX113815.

    [From AG_455][#22699]

  39. When a user logs onto Access Gateway Advanced Edition using Internet Explorer 7, and then a network interruption occurs, users log on again using their credentials. After this, when users log off, the Web logon portal page does not close as expected.

    [From AG_455][#23949]

  40. If the client computer is running Windows Vista and Internet Explorer 7, the ActiveX control that performs the pre-authentication check and starts Secure Access Client from the portal page does not run unless the Access Gateway's fully-qualified domain name (FQDN) is in the trusted sites list in Internet Explorer. If Internet Explorer 7 is running in protected mode, the Secure Access Client has limited functionality. For example, when installing the Secure Access Client, users are asked to save the executable instead of the installation starting automatically.

    To use single sign-on with Vista and Internet Explorer 7, Internet Explorer must be configured for administrator use.

    [From AG_455][#24021]

  41. When Symantec Enterprise Vault 6.1 is installed in the internal network and the user logs on through the Access Gateway to the Access Interface on the server running Access Gateway Advanced Edition, Outlook Web Access in Internet Explorer fails to respond for approximately five minutes and then starts to work correctly.

    If users are connecting directly to the server running Access Gateway Advanced Edition, there is no delay.

    [From AG_455][#24077, #24092]

  42. There is a 244 character limit for DNS suffixes that are configured on the Name Service Providers tab. The limit is increased to 1023 characters.

    [From AG_455][#24213]

  43. If the Access Gateway user configuration requires a client certificate for authentication, when users log on, the user name contains the realm name, such as realmname\username. Client certificate criteria can be configured to require only the user name or the realm name. For example, if the expression client_cert_end_user_subject_common_name=user_only is used, the user logging on is authorized for the group only if the common name of the client certificate subject is the user name. If the expression client_cert_end_user_subject_organizational_unit=realm is used, the user logging on is authorized for the group only if the Organizational Unit (OU) of the client certificate subject is the realm name.

    [From AG_455][#24219]

  44. If the Access Gateway is configured to use the Advanced Access Control option, if an incorrect DNS server is configured on the Access Gateway, it can take a long time for the appliance to restart.

    [From AG_455][#24225]

  45. If users have McAfee Host Intrusion Prevention installed, the Secure Access Client fails when users attempt to open an application on their local device. When this occurs, the Secure Access Client icon is removed from notification area, however users can connect to resources in the internal network.

    [From AG_455][#24228]

  46. The Secure Access Client sends connection requests to the local DNS server and not to a configured proxy server to resolve the public name of the Access Gateway.

    [From AG_455][#24260]

  47. This fix addresses a security vulnerability. For more information, see Knowledge Center article CTX113817.

    [From AG_455][#24323, #24324, #24325, #24326, #24327]

  48. This fix addresses a security vulnerability. For more information, see Knowledge Center article CTX113816.

    [From AG_455][#24329, #24330, #24331, #24332, #24333, #24334]

  49. If you have added users to groups on the Access Gateway for which client certificate criteria is configured, and added the same users to other groups that do not require client certificate criteria, users only get the group or groups for which no client certificate criteria is defined. Users do not get the group or groups for which client certificate criteria is defined.

    [From AG_455][#24341]

  50. When the Secure Access Client is installed, and non-administrative users log on to Windows XP, name resolution fails until the DNS cache is flushed or the connection times out.

    [From AG_455][#24358]

  51. When users are logged on to the Access Gateway, and the system administrator starts the Citrix Real-time Monitor, the Access Gateway can fail.

    [From AG_455][#24382]

  52. To enable file logging of client connections, right-click the Secure Access Client icon and click Connection Log. On the Options menu, click Log to file. When this option is enabled, the items that appear in the Connection Log are written to the log file. The log file is overwritten each time the Secure Access Client starts.

    [From AG_455][#24398]

  53. If client devices are using Windows Vista and are connecting to Version 4.5.5, the Secure Access Client is downloaded from the portal page. If client devices are connecting to earlier versions of the Access Gateway, they must use the standalone version of the Secure Access Client for installation. This version of the Secure Access Client for Vista can be downloaded from the Citrix support Web site.

    54. [From AG_455][#24427]

  54. When the Access Gateway is configured using a double-hop DMZ, and connects to the Advanced Access Control option, users are not able to download the Endpoint Analysis Client or the LiveEdit Client.

    [From AG_455][#24434]

  55. When the Secure Access Client is upgraded to Version 4.5.5, Citrix recommends restarting the client device.

    [From AG_455][#24473]

  56. When users are logged on to the Advanced Access Control option through the Access Gateway, when users logoff, the session is not disconnected. Users must manually disconnect by right-clicking the Secure Access Client and selecting Disconnect.

    [From AG_455][#24496]

  57. Licensing statistics appear different when viewing statistics on the Access Gateway and then viewing statistics in Advanced Access Control. When Access Gateway Advanced Edition is configured, view the licensing statistics from the server that is running Advanced Access Control.

    [From AG_455][#24570]

  58. If users start an endpoint analysis scan, and the connection between the Access Gateway appliance and the server running Advanced Access Control fails, users receive an error 500 in the Web browser. If the connection is successful, and the response from the server running Advanced Access Control is not what is expected, users receive an error 403.

    [From AG_455][#24631]

  59. Access Gateway Standard Edition Version 4.5.5 fails when two or more servers running the Secure Ticket Authority are configured.

    [From AG_455_44][#24719, 24726]

  60. When you capture a file in Ethereal, and then try to save the file, Ethereal fails.

    [From AG_455_44][#24727]

Copyright © 2007 Citrix Systems, Inc. All rights reserved.
Citrix, MetaFrame, and MetaFrame XP are registered trademarks, and Citrix Presentation Server is a trademark of Citrix Systems, Inc. in the United States and other countries.
All other trademarks and registered trademarks are the property of their respective owners


This document applies to:

  • Access Gateway 4.5 Standard Edition
Search
Knowledge Center
Advanced Search
Presentation Server
Presentation Server Clients (ICA)
XenServer
XenDesktop
NetScaler Application Delivery
Access Gateway
EdgeSight
Provisioning Server
WANScaler
Password Manager
>> View All Products
Citrix Developer Community
©1999-2008 Citrix Systems, Inc. All rights reserved.