VMware horizon view client with MFA

Hi,

 

We have configured a virtual server with APM policy for vmware view horizon (used a iApp). We configured also MFA Radius to use a token. When we login through the web interface everything works fine, we enter username and password getting prompted for the tokencode and if we enter this it logins fine. However if we use the VMware Horizon view client we can't login, we enter our username password and then it asks for the tokencode when we enter this we get an error: Authentication failed. We made some packetcaptures and see that if we use the client the token field is empty so the entered token is not send.

 

If we do a capture of the webclient we see a token sent. One big difference we see is that the webclient puts the token in the variable _F5_challenge and that works fine because this variable is mentioned in the login.inc. If we capture the traffic from the vmware horizon view client we see that the variable contains the token is named "tokencode" and this is not forwarded correctly to the radius (MFA) server. we already tried to changed the variable name in the login.inc to tokencode without any success.

 

I'm a bit out of options, is there anyone who can help me?

 

Best Regards,

 

Maarten Lutterman