Jump to content
Welcome to our new Citrix community!

GwInsight StatusCodes ?


Recommended Posts

Citrix ADC generates syslog messages for users when they login (or attempt to login) containing "GwInsight: Sent auth record".  For example:

"[Remote ip = ##.###.###.##:#####][Username = someuser][BackendIP = 0.0.0.0:80][SessSeq = 0] GwInsight: Sent auth record Func=ns_sslvpn_export_auth_data Username=someuser Gwip=2a7b2bfc:443 StatusCode=70 CSappid=0 CSAppname=(null) VPNfqdn= Authtype=3 EPAid=(null) AuthStage=1 AuthDuration=0 AuthAgent=DC.ENTERPRISE.LAB Groupname= Policyname=ldap CurfactorPolname=ldap NextfactorPolname= CSecExpr= Devicetype=0 Deviceid=0 email= Flags=1"

In these syslog message events, a useful numeric StatusCode=# is present. 

Q: Does Citrix offer documentation as what these Gateway Insight StatusCode numbers might mean?

I've taken a guess at some of them, but I'd really appreciate some documentation from Citrix concerning these GwInsight StatusCodes:

  • 0 = Successful login
  • 51 = Maximum login failures reached
  • 55 = Bad tokencode ???
  • 58 = ???
  • 61 = Invalid credentials
  • 63 = User not found ???
  • 66 = Password expired, or user must change password at next logon
  • 70 = ???

Any help appreciated.

Thank you.

  • Like 1
Link to comment
Share on other sites

  • 4 weeks later...

After further investigation, I realized these Citrix ADC syslog messages are intended for Citrix ADM.

That said, I:

  1. Logged into Citrix ADM
  2. Clicked Gateway
  3. Clicked Gateway Insight
  4. While viewing the Overview page, I dropped-down the time range and selected 1 Year
  5. Clicked the Authentication tab
  6. Clicked the Export icon (in the upper right)
  7. Selected Export Now
  8. Selected Tabular and CSV and 1,000,000 rows
  9. Pressed Export

After the report downloaded, I opened it in Excel and checked these two columns:

  • Error Description
  • Error Code

Here's my findings:

  • 0 = Success
  • 51 = Maximum login failures reached
  • 55 = Invalid credentials passed
  • 57 = Server timed out
  • 58 = System Error
  • 59 = Socket Error talking to authentication Server
  • 61 = Bad(format) password passed to nsaaad
  • 62 = Password mismatch (when entering new password)
  • 63 = User not found
  • 66 = Password Expired
  • 69 = Account locked
  • 70 = Password complexity did not meet
  • 380 = Malformed SAML SP assertion sent to Citrix ADC
  • 383 = Matching policy not found while trying to process SAML SP assertion

Obviously there's some gaps to fill above, but this is a good start.

Still awaiting any qualifying response or documentation from Citrix on these.

Thanks.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...