In this document we will look at the deployment of Swivel Secure's great PINsafe product, where we will force users who work against our Citrix platform to have a double authentication and validate themselves with their Active Directory authentication in addition to entering an OTC code based on their PIN so that they cannot access our platform before a keylogger and try to secure the accesses more!!
If instead of using local users with Citrix Access Gateway what we want is to take advantage of our Windows Active Directory, our domain users to validate us when connecting from abroad, we must install the IAS service on a server in our network (Internet Authentication Service), configure it and indicate in the CAG that it is so. Be careful, if the CAG is in the DMZ, we need to map the RADIUS ports to the IAS server, What are the 1812 and the 1813, TCP both.
This procedure explains how to configure a Citrix Access Gateway device that allows us to connect to our VPN using this device. If we don't physically have the hardware, we can create a CAG virtual machine to perform tests, Never for End Use – HERE.
This document briefly explains how a user from the Internet would connect to our network or DMZ servers using the CAG Client. First of all, the user needs to connect to the internet, if it is the first time you are going to connect you need to download the VPN client called Citrix Secure Access Client, but if you have already connected more times, you would only have to run the shortcut that you will have on the desktop.
Do Tailor-made training
Windows Server – VMware vSphere – Citrix Virtual Apps & Desktops – Centreon
|
We are a consulting firm that cares and pampers
|
 |
|
With quality and added value
|
 |
|
¡Let's work together!
|
 |
