Jump to content
Welcome to our new Citrix community!

iOS nFactor (OTP / LDAP) Login


Jonas Mertens

Recommended Posts

Hey together,

 

I'm trying to get iOS App working. Unfortunately the server was installed and configured by a coworker, this is why i do not know every setting.

 

I tried to configure as mentioned here: https://discussions.citrix.com/topic/401790-citrix-workspace-app-ios-with-netscaler-gateway-with-native-otp/

 

Actually the LogIn is denied, because of wrong OTP code. In the ns.log I see, that the Gateway receives my password as OTP Code. Before I configured the changes in the above Link, there was a password prompt where i had to switch password and OTP code. After this there appeared another Prompt, which i can't pass.

 

Any Ideas for this problem?

 

Netscaler Release is nc 12.1. 55.18nc

 

Thanks in advance

 

#Edit: Patched Netscaler

Link to comment
Share on other sites

  • 2 weeks later...
  • 3 weeks later...

I had the same problem, you have to change the following expression:

 

Section1: Create a policy for OTP Verification for IOS Workspace Clients (Factor1)

Navigate to: Security ==>AAA - Application Traffic==>Policies==>Authentication==>Advanced Policies==>Authentication Policies     ==> ADD

Name: IOS_WORKSPACE_Factor1

Action Type: LDAP

Action: ldap_otp_action (as noted in  

Expression: HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver") && HTTP.REQ.HEADER("User-Agent").CONTAINS("IOS")

 

 

To:

 

Section1: Create a policy for OTP Verification for IOS Workspace Clients (Factor1)

Navigate to: Security ==>AAA - Application Traffic==>Policies==>Authentication==>Advanced Policies==>Authentication Policies     ==> ADD

Name: IOS_WORKSPACE_Factor1

Action Type: LDAP

Action: ldap_otp_action (as noted in  

Expression: HTTP.REQ.HEADER("User-Agent").CONTAINS("CitrixReceiver") 

 

Link to comment
Share on other sites

  • 2 months later...

I can't get this to work.. I have built a nFactor flow using visualizer, I did bind the flow to a AAA vServer and wheter I do the procedure of CTX269642 in the flow visualizer as first step or create a policy that is binded to AAA vServer before the policy of the flow, it doesn't work. I'm 13.0 52.24 version of ADC

 

The IOS Workspace either keeps spinning or fails.

 

Has anyone managed to make this work with flow visualizer ?

Link to comment
Share on other sites

On 5/22/2020 at 5:51 PM, Philippe Marro1709155269 said:

I can't get this to work.. I have built a nFactor flow using visualizer, I did bind the flow to a AAA vServer and wheter I do the procedure of CTX269642 in the flow visualizer as first step or create a policy that is binded to AAA vServer before the policy of the flow, it doesn't work. I'm 13.0 52.24 version of ADC

 

The IOS Workspace either keeps spinning or fails.

 

Has anyone managed to make this work with flow visualizer ?

Hi, I am also having problem making this work. Everything was fine until I upgraded to 13.0.52.24 .... 

 

Carl Stalhood tweeted this workaround https://support.citrix.com/article/CTX272402   but I still couldnt manage to get this work. Maybe you have another idea?

Link to comment
Share on other sites

  • 2 weeks later...
23 hours ago, Philippe Marro1709155269 said:

Maybe it's fixed with build 58.30, but not listed in resolved nor known issues. It does not seems they think it's an issue maybe :2_grimacing:

I have updated today to 58.30, but no good luck. But I think the errormessage is now different in nsvpn log. Will try to have a look tomorrow.

Link to comment
Share on other sites

On 6/9/2020 at 5:05 PM, Philippe Marro1709155269 said:

Maybe it's fixed with build 58.30, but not listed in resolved nor known issues. It does not seems they think it's an issue maybe :2_grimacing:

Just to let you know. Our ADC crashed this morning after around 12h since upgrade. As soon as a user started connecting via workspace app the ADC's started rebooting.. 

 

I switched back to 52.24 for further analysis.

Link to comment
Share on other sites

  • 3 months later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...