NetScaler Archives - Julian Jakob

October 26, 2025 Julian Jakob

NetScaler – Negotiate SSO and WAF

Overview Recently I’ve stumbled across two identical issues in different environments. One with 13.1 60.29 and the other with 14.1 51.72 (did the same tests with 14.1 56.71, too) A negotiate Auth-Policy, linked to an

September 11, 2025 Julian Jakob

NetScaler – Testing new Post-Quantum Cryptography (PQC)

Overview In the recent released NetScaler Firmware 14.1 51.72 they’ve added first Support for the new NIST standard (hybrid) Post-Quantum Cryptography Key Exchange (PQC KX). Let’s have a first look on how to configure the

July 23, 2025 Julian Jakob

NetScaler – HDX and Gateway Insight stopped working

Overview We all did some Firmware-Updates during the last weeks regarding the current CVE’s for NetScaler and NetScaler Console. I did a lot of updates for NetScaler to 14.1 47.46 and NetScaler Console (NSC) to

June 12, 2025 Julian Jakob

NetScaler – Exchange ActiveSync Device-Check

Overview First of all, when using Microsoft Exchange Server OnPrem, try to use Modern-Authentication Methods like HMA (Hybrid Modern Authentication with Entra ID) or OAuth with ADFS (with NetScaler in front of 🙂 ) when

March 4, 2025 Julian Jakob

NetScaler – Enhanced Authentication Feedback Template

Overview Enabling the enhanced Authentication Feedback on NetScaler’s AAA gives Endusers a better understanding of WHAT is wrong with their credentials (Username, Password, OTP) but is also a lack of security, as potential password spraying

September 4, 2024 Julian Jakob

NetScaler – SSLVPN with DTLS 1.2 UDP

Overview There is a great post about DTLS 1.2 from Ferroque Systems for using EDT with HDX. I tried that config for the usage of DTLS 1.2 within SSLVPN, so the tunnel in Citrix Secure

June 30, 2024 Julian Jakob

NetScaler – EPA Scans with Quarantine Group

Overview Recently a customer had to switch from User-Cert Authentication (CBA) to Device-Cert Authentication, so I had to create a new nFactor flow with EPA for Device-Cert Check. This Post will cover the following requirements:

June 16, 2024 Julian Jakob

NetScaler – Session Hijack Protection with Responder

Overview Quick Post about what is the hijacking of an authenticated NetScaler user session and how to protect yourself from it. This feature starts with 13.1 Build 53.17 and 14.1 Build 25.53 There are two

May 22, 2024 Julian Jakob

NetScaler – WAF for Gateway and AAA

Overview Finally, with 14.1 Build 21.57 and 13.1 Build 53.17 there’s the long awaited support for using NetScaler’s Web Application Firewall (WAF) for all kind of Gateway vServer and AAA vServer. This is a Quickpost

February 16, 2024 Julian Jakob

NetScaler – OAuth IdP with one empty Attribute results in Failure

Overview Quick Post about a latest finding of an Issue when using NetScaler as OAuth IdP (doesn’t matter with which SP) and there is the need of sending some User-Attributes to the SP. Update –

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.