© image: Wikipedia Two and a half years ago, I have written an article about LDAP. I always planned to add an article about RADIUS as well, but I never did. Today, I had to troubleshoot a RADIUS problem, so I did the necessary traces. It is a DUO server, but most other servers behave similarly. Here we go! What is RADIUS RADIUS (Remote Authentication Dial-In User Service) is a protocol to...
I came across following issue, doing a Citrix ADC / NetScaler project: My customer wanted to use Azure MFA for internal users and LDAP/RADIUS for external users like contractors and parters. That’s a typical use-case for n-factor authentication. So how do we solve problems like that? The solution A Solution based on group membership The difference between internal and external users is...
last update: September 25th 2019 I was recently asked: Johannes, is it possible to orun the same AAA server, from the inside with single factor, from the outside with two factor authentication? Of course it is. That’s how you do: Prerequisites My test environment contains of a lb vServer (lb_vsrv_colors). I created a AAA vServer aaa_multifactor_ath. There is a content switching vServer...
photo by geralt (pixabay.com) last update: January 5th 2020 Recently I had to find a solution to block all connections to a TCP based service (SSH, TCP port 22), except of connections from IP addresses that pr-eauthenticated using a AAA vServer. This is something, most firewalls can do, but a Citrix ADC / NetScaler can’t. Ok, it can do, or would you think, I’ll write a blog about me failing...
last update: April 2023 The problem I recently had to assist designing a portal solution. The customer had an existing solution based on Microsoft ADFS to log on users to ShareFile, Office 365, SAP and similar applications. In addition they used Citrix Gateway (NetScaler Gateway) to publish applications XenApp applications and VDI (XenDesktop) to users. We had to unify the user experience and...