Forum Discussion

The-messenger_1's avatar
The-messenger_1
Icon for Nimbostratus rankNimbostratus
Feb 23, 2017

Citrix iapp + DUO 2 factor auth

I have a working Citrix iapp solution, APM is standard. I need to add 2 Factor authentication for Citrix and for OWA. Owa is easy enough the duo implementation steps here work just fine. These steps make it easy for OWA: https://devcentral.f5.com/articles/integrating-duo-security-with-f5-big-ip-access-policy-manager

 

But APM with citrix is different, especially using the iapp which breaks the citrix receiver and web access into different branches. Starting with the Web branch, I replaced the iapp/APM AD Auth with the DUO-Radius authentication. I can login successfully but the citrix page will loop with the error cannot connect to server.

 

  • I'm sure my issue is in adding the duo-radius auth piece. The default radius branch rule expression is Successful:Radius has passed. I believe I need an expression that AD Authentication will accept and also pass on the credentials/authentication.

     

  • So I solved this by simply adding Duo-Radius and had to place it after "sso credential mapping".