Configuring a NetScaler with RADIUS

Question

How can we configure a Citrix NetScaler for RAIDUS?

 

Answer

To configure a Citrix NetScaler you will need to have a configured an Passly RADIUS agent. Follow RADIUS Setup Docs, here.

  1. Navigate to NetScaler Gateway > Policies > Authentication > RADIUS.
    netGate01.png
  2. Select Server.netGate02.png
  3. Add a server, using the IP Address and Client secret you configured in Passly as the RADIUS client.netGate03.png
    Note: We recommend that you change the Time-out (seconds) from 3 to 15.
  4. Create a Policy for the Web Portal:
    Name: Passly Citrix WebPortal
    Server: (The server you created in the prior step)
    Expression: REQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceivernetGate04.png
  5. Create a Policy for the Citrix Receiver.
    Name: Passly Citrix Receiver
    Server: The server you created
    Expression: REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver
    netGate05.png
  6. Select Primary Global Bindings from the Policy tab.netGate06.png
  7. Select Add Binding, and add both policies. Set the Receiver policy with Priority 90, and the WebPortal policy at 100.netGate07.png
  8.  Make sure all changes are saved.

Note: If you do not want to bind the polices globally, you can map them on a virtual server-by-virtual server basis, by selecting the virtual server in question, and mapping up the authentication policies from the edit screen.

 
Test
Log in to your Access Gateway as normal, and test the RADIUS auth. Both of the following methods should work.
Username/Password -> Push -> Login
Username/(Password),(OTP) -> Login.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Contact us