Overview Recently a customer requested me to implement a Clientless VPN solution with Citrix NetScaler. CVPN? Wasn’t that the rewriting module which only works with simple Webapps and all other complex ones were failing or
Continue readingCitrix FAS – SID Lookup Mismatch with Citrix DaaS
Issue Recently I tried to setup a Citrix DaaS environment with OnPrem VDA’s and FAS for a working Azure AD B2B scenario. Every B2B customer’s UPN suffix is created OnPrem with the matching Shadow Account.
Continue readingNVIDIA vGPU – Calculate required Bandwidth using RDAnalyzer
Overview When doing a NVIDIA vGPU PoC the mostly asked question from the customer perspective is – how much Bandwidth do we need per User / per branch Office to calculate the required Bandwidth when
Continue readingNetScaler – (Un)limited nFactor with Standard License
Disclaimer Citrix isn’t supporting this way of configuration for a full-feature usage of nFactor with a Standard License. The following content is for testing / lab purposing only. Don’t put this in production! Overview Starting
Continue readingNetScaler – Native OTP and Push OTP in Combination
Overview Not all customers are able to use modern authentication methods regarding SAML / OAuth with Identity Providers like Azure Active Directory, Okta and so on – there is still a small but not uninteresting
Continue readingCitrix FAS – Azure AD CBA with Primary Refresh Token (PRT)
Overview There are several discussions about the missing Primary Refresh Token (PRT) in the User’s Citrix Session when using SAML / oAuth with Azure AD and Citrix FAS – as using Smartcard to authenticate is
Continue readingNetScaler – Fix broken HTML5 Workspace Sessions
Issue Recently I saw quite a few broken HTML5 Workspace Sessions, when trying to connect via Citrix Gateway (using internal directly HTML5 to Secure ICA is working fine) after updating the Site to 1912 LTSR
Continue readingCitrix DaaS – Adaptive Authentication
Overview What is Citrix Adaptive Authentication? It’s part of Citrix Secure Private Access (SPA) and it’s building the authentication engine for SPA and for Cloud Workspace. Technically, Citrix is hosting an ADC HA-Pair on Azure
Continue readingNetScaler – Always On Machine & User Tunnel VPN
Overview Recently I had the pleasure to implement the Always On VPN mechanism from Citrix ADC. As there are three different technical possibilities, I will give you some insights about my deep dive, which should
Continue readingNetScaler – Latest Insights about Security Headers
Overview Security Headers are http header, which set additional limitations for a overall higher security when it comes to common attack mechanisms like Cross Site Scripting (XSS), Clickjacking or MIME-Sniffing. A part of most of
Continue reading