Citrix Netscaler configuration for Receiver
Contents
Introduction
Citrix Receiver is a lightweight software client that allows access to virtual desktops and apps including Windows, Web or SaaS apps on any PC, Mac, netbook, tablet or smartphone.
For further information on using Receiver see Citrix Receiver
Prerequisites
Citrix receiver Client
Swivel Appliance or Server
Citrix Netscaler
Netscaler 10.x Configuration for Receiver
To allow Primary and Secondary Authentication using Citrix receiver clients the following policies are required. On the Netscaler Access Gateway select Netscaler Gateway then Virtual Servers, click on the required server then Open. Click on the Authentication tab, and create a policy for RADIUS authentication and a Policy for LDAP authentication for the Primary and Secondary authentication. The below assumes that the Primary authentication server is LDAP and the secondary authentication server is RADIUS for methods other than Receiver authentication.
To create the Policy, click on Insert Policy, then from the drop down Tab below Policy name, click on Insert Policy and enter the following:
Name Name of the Policy
Authentication Type Usually LDAP and the RADIUS authentication servers
Server The authentication server for the above
Under Expression click on Add and select the following:
Expression Type General
Flow Type REQ
Protocol HTTP
Qualifier Header
Operator CONTAINS or NOTCONTAINS
Value Receiver
Header Name
Click on OK then create. Double click on the Priority to set the priority to 90 or 100 as appropriate.
Create policies for each as below.
Authentication Server | Protocol | Priority | Value |
Primary | LDAP | 90 | REQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceiver |
Primary | RADIUS | 100 | REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver |
Standby | LDAP | 90 | REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver |
Standby | RADIUS | 100 | REQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceiver |
Multiple Authentication servers can be created by multiple entries of the same priority, such as AD servers.
Authentication Server | Protocol | Priority | Value |
Primary | LDAP | 90 | (REQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceiver && REQ.HTTP.HEADER Referer EXISTS) || (REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver && REQ.HTTP.HEADER User-Agent CONTAINS HTML5) |
Primary | RADIUS | 100 | REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver |
Standby | LDAP | 90 | REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver |
Standby | RADIUS | 100 | EQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceiver || (REQ.HTTP.HEADER User-Agent CONTAINS CitrixReceiver && REQ.HTTP.HEADER User-Agent CONTAINS HTML5) |
Citrix Access Standard Edition Gateway RADIUS authentication
The following article describes adding RADIUS authentication to the Citrix Access Standard Edition for Citrix Receiver. The RADIUS authentication needs to be set as the primary authentication and AD as the Secondary authentication.
http://support.citrix.com/article/CTX121093
Citrix Access Advanced Edition Gateway RADIUS authentication
The following article describes adding RADIUS authentication to the Citrix Access Advanced Edition for Citrix Receiver.
http://cdn.ws.citrix.com/wp-content/uploads/2009/08/iphone-receiver-admin.pdf
Known Issues and Limitations
It has been observed by our customers that the Citrix Receiver only launches successfully on the Android platform when accessing links via the Mozilla Firefox browser (at the time this article was written)