Configure the Citrix Gateway

During this task we will configure the Citrix Gateway.

Before you begin

  • Ensure that you have the common UDP port and secret key values available.
  • Ensure that a Gateway VIP is configured, see Integrate on the Citrix site for more information.

Configure the Citrix Gateway

  1. Log into the Citrix Gateway admin interface with admin rights.
  2. Navigate to the Configuration tab
  3. From the Configuration page, select + Citrix Gateway + Policies + Authentication + RADIUS.
  4. In the main body configuration for RADIUS select the Servers tab.
  5. Click the Add button.

  6. In the Create Authentication RADIUS Server dialog, complete all sections, selecting either Server Name or Server IP to use to define the server running the Okta RADIUS agent. The port number and secret key can be verified in the Okta RADIUS agent admin tool.
  7. Click on the More (or Details) drop down and verify Password Encoding is set to pap.

    • The available group settings and attributes can be used for Citrix permissions as required.
  8. Click OK to save the Server definition.
  9. Return to in the RADIUS section, and select the Policies tab.
  10. Click on the Policies -> Add.
  • Enter a name.
  • In the the Server* drop down, select the Server Entry just created.
  • In the Expression window, for the value, enter ns_true .
    This setting sets this policy active whenever it is bound to a VIP.
    If required, more restrictive expressions can be created to allow for more control over when this RADIUS policy is applied.
  • Click OK to save the policy.

  1. In the left hand tree under Citrix Gateway, select Virtual Servers .
  2. Locate the virtual server which you want to bind Okta RADIUS onto.
  • Select the Edit button, as shown below.

  • Scroll to the Authentication section and unbind any existing policies and close the Authentication sub-window.
  • Back in the Virtual Server configuration screen, in the Authentication section, select the + (plus) on the right hand side of the section title.

  • In the Choose Policy option select RADIUS. In the Choose Type option select Primary, and then, click Continue.

  • In the Policy Binding section, click the > to select the RADIUS policy that you created in section 7, above. Click the radial button to the left of the policy and click OK (or Select).
  • Set the Priority to 10 and click Bind.

  1. In the Virtual Server configuration screen scroll to the end, and click Done.