Hello all: Forgive me if this post gets long. We run BM3.8
sp5 on a NW6.5 sp6 server. We use clntrust for
authentication to the proxy.

I work for a Medical Practice and we have been asked to
begin electronically signing Doctor reports with local
hospitals. The Hospital uses Juniper and Citrix clients to
tunnel over port 443.

So the installation requires us to install a Juniper
Networks security manager and a Citric client. The idea is
that the Juniper Security Manager will create a HTTPS tunnel
to the hospital server and tunnel the Citrix traffic thru
it. The fly in the ointment is that when the Security
Manager launches it breaks the clntrust connection to the BM
firewall and therefore all traffic gets terminated, no
Citrix connection.

I am unwilling to open up 443 without the proxy but can't
have the proxy if I want to do the above. How can I get
around this? Will I be forced to allow un-proxied traffic
to specific workstations to specific destination IPs?

Thanks for the help, Chris.