Configuring IIS Ports

Session Recording components that connect to the Session Recording Broker are capable of connecting using non-default communication ports. Secure connections to the Broker by default use port 443 for HTTPS traffic; however it is possible to change this port in IIS to another unused port between 1 and 65535. Changing the HTTPS port can act as an obfuscation measure and conceal the Broker web application. Before changing the HTTPS port in IIS, it is important that the new port is not already in use by the server for another application or service. The services file in the SystemRoot\System32\Drivers\Etc directory lists TCP and UDP port numbers used by Windows Server or use the netstat -a command, checking the port is not already in use or listening. Ensure that any firewalls between Session Recording components also allow access to the Session Recording Server using this port. Note that obfuscation of port numbers should never be used as an alternative to SSL or IPSec.

To change the default HTTPS Port

1). Change the default HTTPS port in IIS on the Session Recording Server:

a) As an administrator, log on to the server that hosts the Session Recording Server.

b) From the Start menu, select Start > Control Panel > Administrative Tools > Internet Information Services (IIS) Manager.

c) In the left pane, expand the servername node (where servername is the name of the server where you are changing the HTTPS port) by choosing servername > Sites > Default Web Site.

d) Click Default Web Site. In the Actions panel, under Edit Site, click Bindings.

e) In the Site Bindings dialog box, click the https entry, and then click Edit.

f) In the Edit Site Binding dialog box, change the port number in the Port field. (e.g. Change from 443 to 8081)

g) Click OK to save the setting and exit the dialog box.

2. Change the port setting for HTTPS for the Session Recording Agent service installed on each computer hosting XenApp Server OS VDA:

a) Log on to each server where the Session Recording Agent is installed.

b) From the Start menu, select Start > All Programs > Citrix > Session Recording > Session Recording Agent Properties. The Session Recording Agent Properties dialog box appears.

c) Select the Connections tab.

d) If using HTTPS for MSMQ, then in the Session Recording Storage Manager message queue area, clear the Use default check box and change the port number in the HTTP/HTTPS port field to the new port number.

e) In the Session Recording Broker area, clear the Use default check box and change the port number in the HTTP/HTTPS port field to the new port number.

f) Select OK to accept the change. If you are prompted to restart the service, select Yes.

3. Change the port setting for HTTPS in the Session Recording Player settings:

a) Log on to the workstation where the Session Recording Player is installed.

b) From the Start menu, select Start > All Programs > Citrix > Session Recording > Session Recording Player. The Session Recording Player launches.

c) Select Tools > Options > Connections, select the server, and select Modify.

d) Clear the Use default check box and change the port number in the Port field to the new port number.

e) Select OK (twice) to accept the change and exit the dialog box.

4. Change the port setting for HTTPS in the Session Recording Policy Console:

a) Log on to the server where the Session Recording Policy Console is installed.

b) From the Start menu, select Start > All Programs > Citrix > Session Recording > Session Recording Policy Console. The Connect to Session Recording Server dialog box appears.

c) Clear the Use default check box and change the port number in the Port field to the new port number.

d) Select OK to connect. If the connection is successful, this setting