cancel
Showing results for 
Search instead for 
Did you mean: 

Citrix iapp + DUO 2 factor auth

The-messenger_1
Nimbostratus
Nimbostratus

I have a working Citrix iapp solution, APM is standard. I need to add 2 Factor authentication for Citrix and for OWA. Owa is easy enough the duo implementation steps here work just fine. These steps make it easy for OWA: https://devcentral.f5.com/articles/integrating-duo-security-with-f5-big-ip-access-policy-manager

 

But APM with citrix is different, especially using the iapp which breaks the citrix receiver and web access into different branches. Starting with the Web branch, I replaced the iapp/APM AD Auth with the DUO-Radius authentication. I can login successfully but the citrix page will loop with the error cannot connect to server.

 

2 REPLIES 2

The-messenger
Cirrus
Cirrus

I'm sure my issue is in adding the duo-radius auth piece. The default radius branch rule expression is Successful:Radius has passed. I believe I need an expression that AD Authentication will accept and also pass on the credentials/authentication.

 

The-messenger
Cirrus
Cirrus

So I solved this by simply adding Duo-Radius and had to place it after "sso credential mapping".