NimbostratusHi,
I'm running F5 v 16.1.2. I have managed to get Duo working normally using the document supplied by duo by configuring radius/duo via APM.
The problem I have is that when I try connecting via Citrix Workspace I do not get the duo push. I just get a duo prompt for a password which does not seem to work with any duo passcodes I have. The Duo push does not appear either.
Does anyone have a workaround for this.
AltostratusOn the F5 create a new Radius access profile in Access ›› Authentication : RADIUS with a custom port. I am assuming you are already using Radius port 1812 for the traditional iFrame with your Citrix Access Policy. After you create this open the branch in your Citrix Access Policy for Workspace click the plus sign in front of your resource box that has your DDCs, choose the authentication tab and add the Radius auth policy. For the AAA Server drop-down menu choose the profile you created
You need to set up the DUO authproxy.cfg file with the stanza [radius_server_auto]
For example:
[radius_server_auto2]
ikey=xxxxxxx
skey=xxxxxxxxx
api_host=xxxxxx.duosecurity.com
radius_ip_8=<F5 Self IPs>
radius_secret_8=xxxxxxx
radius_ip_9=<F5 Self IPs>
radius_secret_9=xxxxxx
port=<Port Number> Change this so it doesnt conflict with your iFrame setup
client=<LDAP AUth>
failmode=safe
This should send an automatic push.