27.2 Configuring Integration with Citrix NetScaler

This section provides the configuration information on integrating Advanced Authentication with Citrix NetScaler VPX. This integration secures the Citrix NetScaler VPX connection.

The following diagram represents Advanced Authentication in Citrix NetScaler.

To configure the Advanced Authentication integration with Citrix NetScaler VPX, perform the following configuration tasks:

Ensure that the following requirements are met:

  • Citrix NetScaler VPX (version NS11.0 has been used to prepare these instructions) is installed.

  • Advanced Authentication 5 appliance is installed.

27.2.1 Configuring the Advanced Authentication RADIUS Server

  1. Open the Advanced Authentication Administration portal.

  2. Click Events > RADIUS Server.

  3. Set Is enabled to ON.

  4. Move one or more chains from Available to Used list. Ensure that the chains are assigned to the appropriate group of users in Roles & Groups of the Chains section.

  5. Click Save in Edit Event.

  6. Click Policies > Radius Options.

  7. Click Add in Clients.

  8. Specify an IP address of the Citrix NetScaler appliance.

  9. Specify Name of the Client.

  10. Specify a secret and confirm it.

  11. Set Enabled to ON.

  12. Click icon to save the Client details.

  13. Click Save in Radius Options.

27.2.2 Configuring the Citrix NetScaler Appliance

  1. Sign-in to the Citrix NetScaler configuration portal as nsroot.

  2. Click Configuration > Authentication > Dashboard.

  3. Click Add.

  4. Select RADIUS for Choose Server Type.

  5. Specify Name of the Advanced Authentication server, IP Address, Secret Key, and Confirm Secret Key.

  6. Change Time-out (seconds) to 120-180 seconds if you are using the Smartphone, SMS, Email or Voice methods.

  7. Click More and ensure that PAP is selected in Password Encoding.

  8. Click Create.

    If the connection to the RADIUS server is valid, the Up status is displayed.

  9. Click Configuration > System > Authentication > RADIUS > Policy.

  10. Click Add.

  11. Specify Name of the Authentication RADIUS Policy.

  12. Select the created RADIUS server from Server and select ns_true from the Saved Policy Expressions list.

  13. Click Create.

  14. Select the created policy and click Global Bindings.

  15. Click Select Policy.

  16. Select the created policy.

  17. Click Bind.

  18. Click Done.

    A check mark is displayed in the Globally Bound column.

27.2.3 Authenticating on the Citrix NetScaler Using Advanced Authentication

  1. Specify the user’s credentials then click Login.

  2. Accept the authentication on your smartphone.

NOTE:Advanced Authentication can be configured with other authentication chains.