Connectivity requirements

Contents

General requirements

  • Ensure you have a DHCP server in your network environment for dynamic IP and DNS address assignments. Some resource locations or blueprints do not support using static IP addresses for VMs. 
  • Configure dynamic IP and DNS addressing for Internet Protocol Version 4 (IPv4) to obtain IP and DNS addresses automatically from the DHCP server. To do this, perform the following actions:
    1. Click Start > Control Panel > Network and Internet > Network and Sharing Center.
    2. From the left pane, click Change adapter settings, right-click the network adapter and select Properties.
    3. Select Internet Protocol Version 4 (IPv4) and then click Properties.
    4. On the General tab, verify the Obtain an IP address automatically and Obtain DNS server address automatically settings are selected.
      Note: Smart Tools supports Internet Protocol version 4 (IPv4) only. Internet Protocol Version 6 (IPV6) is not supported.
  • On Windows systems, verify the password for the local Administrator account does not require changing: From Computer Management > System Tools > Local Users and Groups, under Administrator Properties, ensure that The User must change password at next logon option is not selected.
  • Ensure that the machines in your resource location are connected to the Internet. Some blueprints need to download ISO images, support files, or other software during the deployment process.

Port requirements

The Citrix Smart Tools Agent requires access over port 443 (outbound HTTPS) across the Internet to the following domains:

  • smart.cloud.com
  • smart-agent.cloud.com
  • smart-eu.cloud.com
  • rttf.citrix.com
  • manage-disc.citrix.com
  • manage-monlb.citrix.com

Alternatively, you can allow access to the following public IP addresses:

  • 162.221.156.0/24 subnet (or 162.221.156.65 to 162.221.156.74)
  • 34.192.194.243
  • 34.199.85.237
  • 52.44.224.63
  • 13.82.89.73
  • 13.92.86.28
  • 40.87.65.119
  • 52.168.86.226

Important: Citrix recommends using the domains listed above as public IPs are subject to change. If you choose to use the public IP addresses instead, visit status.cloud.com and subscribe to Citrix Cloud notifications to stay informed of future updates to these IP addresses. 

Ensure the machines hosting the Smart Tools Agent are able to resolve external DNS names. Communication between your server and Citrix Smart Tools occurs over port 443 (outbound HTTPS) only. 

On Windows, ensure that the Remote Desktop Protocol (RDP) service is enabled and TCP 3389 port is not blocked by a firewall.

Port requirement for agent installation

Citrix Smart Tools includes a function that can install the agent automatically on new servers in your resource location.  To do this on Linux servers, inbound access over port 22 (SSH) is required. On Windows servers, inbound access over port 3389 (RDP) is required.  

After the agent is installed, you can shut down these ports if needed as further communication between your servers and Citrix Smart Tools occurs over port 443 (outbound HTTPS) only. For more information, see the Smart Tools Agent section.

For Citrix XenServer resource locations: If a Windows machine acts as a connector, ensure that Windows Management Instrumentation (WMI) and inbound connections on TCP port 135 (DCOM port) are enabled on your Windows VM template. If a Linux machine acts as a connector, ensure that Remote Desktop Services and inbound connections on TCP port 3389 are enabled on your Windows VM template. For more information, see Automatic Agent installation on Citrix XenServer provisioned VMs

Firewall requirements

Ensure that the firewall allows SSL traffic from your servers to the Citrix Smart Tools domains (specified in the Port requirements section) over port 443 (outbound HTTPS).

Proxy requirements

If your resource location is behind a proxy, the Smart Tools Agent requires a pass-through connection to the proxy server. For more information about configuring proxy settings for the Smart Tools Agent, see Use the Citrix Smart Tools Agent behind a proxy

Note: The agent does not work with HTTPS proxy content inspection on the SSL session. If the proxy has content inspection, set up a rule on the proxy to pass traffic from the servers where the agent is installed.

Share debug log files with Citrix Support

If your servers do not appear in the Citrix Smart Tools user interface (UI) after installing the agent, contact Citrix customer support. The Citrix customer support team may request a copy of the agent log files to debug the problem.  

  1. Log in to the server that is unable to connect to Citrix Smart Tools.
  2. Navigate to the log file location:
    • On Linux: /opt/citrix/lifecycle-management
    • On Windows: C:\Program Files (x86)\Citrix\LifecycleManagement
  3. Copy the connector.log file to your local machine:
    • On Linux: cp connector.log log.txt
    • On Windows: copy connector.log log.txt
  4. Send the log.txt file to support@citrix.com.

0 Comments