Overview There is a great post about DTLS 1.2 from Ferroque Systems for using EDT with HDX. I tried that config for the usage of DTLS 1.2 within SSLVPN, so the tunnel in Citrix Secure
Continue readingCategory: NetScaler
NetScaler – EPA Scans with Quarantine Group
Overview Recently a customer had to switch from User-Cert Authentication (CBA) to Device-Cert Authentication, so I had to create a new nFactor flow with EPA for Device-Cert Check. This Post will cover the following requirements:
Continue readingNetScaler – Session Hijack Protection with Responder
Overview Quick Post about what is the hijacking of an authenticated NetScaler user session and how to protect yourself from it. This feature starts with 13.1 Build 53.17 and 14.1 Build 25.53 There are two
Continue readingNetScaler – WAF for Gateway and AAA
Overview Finally, with 14.1 Build 21.57 and 13.1 Build 53.17 there’s the long awaited support for using NetScaler’s Web Application Firewall (WAF) for all kind of Gateway vServer and AAA vServer. This is a Quickpost
Continue readingNetScaler – OAuth IdP with one empty Attribute results in Failure
Overview Quick Post about a latest finding of an Issue when using NetScaler as OAuth IdP (doesn’t matter with which SP) and there is the need of sending some User-Attributes to the SP. Update –
Continue readingNetScaler – How to get rid of SSO / missing PRT Issues using Entra ID Phone Sign-in
Overview You’re using Microsoft Entra ID (SAML or OAuth) as IdP for your OnPrem CVAD or DaaS Environment. Your default is to use Citrix FAS so the User-Logon to the VDA happens with a virtual
Continue readingNetScaler – Secure Access Client Cleanup Utility
Overview In a latest SSLVPN Project with NetScaler and the Windows Secure Access Client (formerly Citrix Gateway Plugin) we had some problems with the rollout of the client via SCCM. Especially when there is a
Continue readingNetScaler – Email OTP Authentication
Overview What’s better than having no MFA? A cost neutral (Assumed you’re using advanced license as a minimum) and easy to use MFA method where the Enduser hasn’t to deploy or register anything. Let’s checkout
Continue readingNetScaler – ADFS with AAA Authentication and SSO
Overview This post will give you informations and the needed configuration for publishing a Microsoft ADFS (As it’s still not dead in the wild!) with NetScaler and using AAA for Authentication with SSO to the
Continue readingCitrix NetScaler – Concurrent SSLVPN Sessions
Overview When configuring Citrix Gateway as a SSLVPN with assigned Intranet IP-Pools (IIP), it’s not possible to use more than one active session from the same user on a different device, per default. There is
Continue reading