Skip navigation
6618 Views 4 Replies Latest reply: Jun 30, 2011 12:22 PM by wayne mercer RSS
Craig Berg Lurker 1 posts since
Dec 14, 2010
Currently Being Moderated

Dec 14, 2010 11:11 AM

QID: 12034 ASP.NET Custom Errors Found Turned Off - Citrix Secure Gateway

I'm currently running a Citrix Secure Gateway server on Server 2008 Standard - IIS7, utilizing .Net Framework v2.0.50727.  My PCI scan came back with QID 12034 ASP.NET custom errors found turned off. 

 

On the advice of the report i changed all config files for the webstie as well as global config for .NET to turn on custom errors.  After restarting IIS and rebooting the server i ran another scan but only to see that it is still failing.  I double checked all the config files and found that custom errors are still set to On.

 

I've seen 2 other posts on this issue but neither have had this same problem.  Any help would be really appreciated.  Thanks in advance.

  • Hi Craig,

     

    If you've followed the vendor documentation on enabling custom errors, the first thing that I would do would be to verify IP information.  Are there any port-forwards set up?  Are the errors coming from the gateway or a back-end web-server?

     

    Once you've validated that you're in-fact configuring the correct system, I'd contact the vendor for further support on enabling custom errors.

  • Jay Beaty Level 1 8 posts since
    Nov 9, 2010

    I was on .NET framework 1.1.4322 on my citrix gateway. So this might not work for you. I didn't even mess with any of the indivdual configs. I would see if your able to change machine.config. I had to add <customerrors mode="On"/> under <system.web>, then reboot IIS.( iisreset /noforce). Note when you reboot IIS on a citrix gateway it will break everyones session on the application screen. It will not break the application session if the application is already running.

  • Bob Ogburn Lurker 1 posts since
    Apr 4, 2011

    IIS code change like described

    <system.runtime.remoting>

              <customErrors mode="On" defaultRedirect="~/html/serverError.html" />

        </system.runtime.remoting>

     

    <customErrors mode="On" defaultRedirect="~/html/serverError.html" />

     

     

    And the following has to be changed in IIS:

     

    1. Go to Properties on Default Web Site

    2. Click on Home Directory tab

    3. Click Configuration Button

    4. Choose .rem in the Application Extension and click edit

    5. Check the Verify that file exists

    6. Click ok

    7. Choose .soap in the Application Extension and click edit

    8. Check the Verify that file exists

    9. Click ok

    10. Perform an iisreset

  • wayne mercer Lurker 1 posts since
    Jun 30, 2011

    i had the same problem as everyone else here using asp.net v1.1.4322. I changed the machine.config file  to "On" and made the changes Bob suggested and my scan passed. Thanks guys.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 6 points