Configuring a NetScaler with RADIUS


How can we configure a Citrix NetScaler for RAIDUS?



To configure a Citrix NetScaler you will need to have a configured an Passly RADIUS agent. Follow RADIUS Setup Docs, here.

  1. Navigate to NetScaler Gateway > Policies > Authentication > RADIUS.
  2. Select Server.netGate02.png
  3. Add a server, using the IP Address and Client secret you configured in Passly as the RADIUS client.netGate03.png
    Note: We recommend that you change the Time-out (seconds) from 3 to 15.
  4. Create a Policy for the Web Portal:
    Name: Passly Citrix WebPortal
    Server: (The server you created in the prior step)
    Expression: REQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceivernetGate04.png
  5. Create a Policy for the Citrix Receiver.
    Name: Passly Citrix Receiver
    Server: The server you created
    Expression: REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver
  6. Select Primary Global Bindings from the Policy tab.netGate06.png
  7. Select Add Binding, and add both policies. Set the Receiver policy with Priority 90, and the WebPortal policy at 100.netGate07.png
  8.  Make sure all changes are saved.

Note: If you do not want to bind the polices globally, you can map them on a virtual server-by-virtual server basis, by selecting the virtual server in question, and mapping up the authentication policies from the edit screen.

Log in to your Access Gateway as normal, and test the RADIUS auth. Both of the following methods should work.
Username/Password -> Push -> Login
Username/(Password),(OTP) -> Login.

Have more questions?

Contact us

Was this article helpful?
0 out of 0 found this helpful

Provide feedback for the Documentation team!

Browse this section