Configuring XenDesktop to support RADIUS Authentication
Step 1 - Go to the Start Menu and click on ‘All Programs’, then ‘Citrix’, then ‘Management Consoles’, then open ‘Citrix Web Interface Management’.
Step 2 – Select ‘XenApp Web Sites’, then right-click on the site that you want to add two factor authentication to.
Step 3 – Click ‘Authentication methods’
Step 4 - Select ‘Explicit’ then click ‘Properties’
Step 5 – Click on ‘Two-Factor Authentication’, then set the ‘Two-factor setting’ to ‘RADIUS’
Step 6 - Click ‘Add‘, then type in the IP address and port of the AuthAnvil Radius Server, then click ‘OK’. (The AuthAnvil Radius Server runs on port 1812 by default)
Step 7 - Click ‘OK’, then ‘OK’ again, and close the Citrix Access Management Console.
Step 8 – The XenDesktop web interface requires that the RADIUS secret that has been configured between this client and the AuthAnvil RADIUS Server is placed in a text file in the Citrix\RADIUS\CONF directory.
- Go to C:\inetpub\wwwroot\Citrix\<site_name>\conf folder and create a file called radius_secret.txt.
- Open this text file and enter your RADIUS shared secret passcode.
- Save the file and close it.
- For Web Interface 5.2 or later: Go to folder and open the file Web.config with a text editor like Notepad. On Java application servers, the file is web.xml file.
- Search for line # 102 or the following parameter:
<add key="RADIUS_NAS_IDENTIFIER" value="" />12.
- For value, enter any alphanumeric value longer than 3 characters.
- Save the Web.config file and test your Web Interface site.
- To test the Site, log on to the website you protected with AuthAnvil. You will now see a Passcode field.
- The passcode for this field is your AuthAnvil PIN + the next OTP from your token.