See Duo Knowledge Base article 7546 for additional guidance.īefore moving on to the deployment steps, it's a good idea to familiarize yourself with Duo administration concepts and features like options for applications, available methods for enrolling Duo users, and Duo policy settings and how to apply them. If your organization requires IP-based rules, please review Duo Knowledge Base article 1337.Įffective June 30, 2023, Duo no longer supports TLS 1.0 or 1.1 connections or insecure TLS/SSL cipher suites. This application communicates with Duo's service on SSL TCP port 443.įirewall configurations that restrict outbound access to Duo's service with rules using destination IP addresses or IP address ranges aren't recommended, since these may change over time to maintain our service's high availability. Learn more about the differences between Duo's Citrix Gateway deployment configurations. If your users need the ability to reset passwords from the Citrix Gateway and your Citrix edition license or Gateway build does not permit use of nFactor, see the Citrix Gateway Basic Secondary Instructions. Gateway appliances with standard licensing may need to enable the "Show unlicensed features" option under System → Licenses to expose the Advanced Authentication Policy items in the configuration menu. Refer to the nFactor licensing in the Citrix documentation for more information. As of Citrix Gateway release 13.0-67.x, the "Standard" license also includes nFactor for Gateway/VPN, while Citrix ADC requires an "Advanced" or "Premium" license to use nFactor. Citrix NetScaler 12.1 reached end of life on May 30, 2023, so we recommend updating your firmware to 13.0 or later.Īlso verify that your Citrix Gateway is licensed for Advanced Authentication Policy. Log on to your Citrix Gateway via the web interface and verify that your Citrix Gateway firmware is version 12.1-51.16 or later and your Citrix Receiver or Citrix Workspace clients support 12.1 or later. Prerequisitesīefore starting, make sure that Duo is compatible with your Citrix Gateway device. These instructions apply to both products. Primary authentication happens directly between the Citrix Gateway and your Active Directory, LDAP, or other identity store, which enables additional features such as AD password resets.Ĭitrix Gateway was formerly known as NetScaler Gateway. To add Duo two-factor authentication to your Citrix Gateway with nFactor you'll configure the Duo Authentication Proxy as a secondary RADIUS authentication server. If you have Citrix Gateway build 12.1-51.16 or later with an "Advanced" or "Premium" edition license, or Citrix Gateway build 13.0-67.x or later with "Standard", "Advanced", or "Premium" edition license, try Duo Single Sign-on for Citrix NetScaler, which includes Duo Universal Prompt support.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |