Problem
You’ve completed configuring a Citrix Gateway with Duo MFA as described in the following configuration documentation:
Duo for Citrix Gateway Basic Primary Authentication
https://duo.com/docs/citrix-netscaler
However, you notice that authenticating through the portal does not display the Duo 2FA prompt as expected:
Note how only a field labeled as Password is displayed:
It should be noticed that entering the passcode from the Duo mobile app would successfully authenticate the identity but the following expected Duo login prompt is the desired outcome:
Solution
One of the common reasons why this behavior would be exhibited is if the portal them RFWebUI is selected (this the default theme in later versions of Citrix ADM / NetScalers) and the quick way to see if this is causing an issue is to switch the them to X1 as shown below:
However, the better solution is to refer to the following KB:
Is the Citrix Gateway RFWebUI theme compatible with Duo?
https://help.duo.com/s/article/3755?language=en_US
Which will refer to the complete instructions for information on how to configure the RFWebUI theme with Duo: https://duo.com/docs/citrix-netscaler#configure-the-proxy-for-your-citrix-gateway
Prior to implementing the configuration, verify that the requirements of having the Citrix ADC / NetScaler and Authentication Proxy at a certain version is met:
citrix_netscaler - Use citrix_netscaler when with the Default, Green Bubbles, or X1 themes.
citrix_netscaler_rfwebui - Use citrix_netscaler_rfwebui with the RFWebUI theme. Requires Authentication Proxy v3.1.0 and NS build 12.1-51.16 or later.
No comments:
Post a Comment