Configure Citrix Netscaler gateway to interoperate with Okta via RADIUS

Topics

• Before you begin
• Typical workflow
• Additional considerations

Before you begin

See Citrix Gateway supported versions, clients, features and factors for a complete list of supported version, factor and related information.

Typical workflow

Task	Description
Download the RADIUS agent	Download the Okta RADIUS Agent from the Settings > Downloads page your in Okta org. Note that there are both Windows and Linux agents. For throughput, availability and other considerations, see Okta RADIUS Server Agent Deployment Best Practices.
Install the Okta RADIUS Agent.	Install either the Windows or Linux RADIUS agents as appropriate for your environment.
Configure application	In your Okta org, configure the Citrix Gateway application.
Configure gateway	Using the Citrix Gateway configuration tool, configure the Citrix Gateway.
Configure optional settings	Configure optional settings as required, such as vendor specific attributes.

Additional considerations

• Citrix Gateway does not support a user’s first time Okta setup. All users using Okta MFA at Citrix gateway must first login to their Okta portal and configure MFA. It is possible via Rewrite policies or CCS style sheet customizations to add links to the Gateway login page to direct first time users to their Okta login portal for initial registration.
• Citrix Gateway also does not currently have a solution for self-service password reset. Using Rewrite policies or page customizations, a link can be added to the Gateway login page to direct a user that is unable to login, to their Okta tenant password reset page.

Related topics

• Citrix Gateway end user experience
• Citrix Documentation: Citrix Gateway Product Documentation