Citrix NetScaler introduce to their Application Delivery Controller (ADC), which is a line of products which are known as the Citrix AccessGateway (CAG). It is majorly used to secure remote access.Citrix Gateway is a customer-managed solution that can be used on any public cloud and on premises for example Google Cloud Platform, AWS, Azure etc. It server secure access along with single sign-on to all the virtual, SaaS and web applications they need to be productive.
miniOrange provides secure access to cisco netscaler gateway for enterprises and full control over access of cisco netscaler gateway application. Single Sign On (SSO) into your cisco netscaler gateway Account with one set of login credentials.
miniOrange supports both IdP (Identity Provider) and SP (Service Provider) initiated Single Sign On (SSO)
Follow the Step-by-Step Guide given below for cisco netscaler gateway Single Sign On (SSO).
Step 1: Configure Single Sign On (SSO) Settings for cisco netscaler gateway
- Log in as a customer from the Admin Console.
- Go to Apps >> Manage Apps. Click on Configure Apps button.
- Click on SAML tab. Select cisco netscaler and click on Add App button.
- Enter the SP Entity ID as https://nssp2.example.com
- Enter the value of ACS URL as https://nssp2.example.com/cgi/samlauth .
Here, enter your Share File account URL followed by /cgi/samlauth.
- Select the Email ID from the Name ID dropdown.
- Go to the Add Policy and select DEFAULT from the Group Name dropdown
- Now enter the cisco netscaler gateway in the "Policy Name field.
- Select PASSWORD from the First Factor Type dropdown.
- Click on Save to configure cisco netscaler gateway.
- Click on Metadata link to download the metadata which will be required later. Click on Link to see the IDP initiated SSO link for cisco netscaler gateway
- Click on Download Metadata link to download the certificate which will be required later.
Step 2: Configure cisco netscaler gateway settings for miniOrange
- Login the Citrix NetScaler admin interface with admin rights
- Click on Configuration tab, select Traffic Management >> SSL >> Certificates.
- Note: If case if you are using Netscaler 11.1 then select Traffic Management >> SSL >> CACertificates >>Install.
- Enter identify name as Certificate-Key Pair Name.
- Click on the down arrow which is next to the Browse button to select local. Select the x.509 certificate which is downloaded in step 1. Click on Install.
- On Configuration page, select NetScaler Gateway >> Policies >> Authentication >> SAML >> Servers tab, then click on Add.
- In the Create Authentication SAML Server form, Enter Name IDP as certificate Name.
- Enter the value from Redirect URL as https://nssp2.example.com/cgi/samlauth
- Enter the value from Single Logout URL as https://nssp2.example.com/cgi/tmlogout
- Enter User Field ( Note: It should be Name ID untill another identifier is being used)
- Enter the certificate for your Gateway VIP as Signing Certificate Name. Enter your Gateway VIP URL as Issuer Name.
- In the Signature Algorithm section, select RSA-SHA256 as Signature Algorithm, SHA256 as Digest Method and POST as SAML Binding. Click on OK .
- Go back in the SAML section, select the Policies then click on Add. Now, add details, Enter Name as per your requirement.
- Click down menu and select your created Server Entry. Enter ns_true as the value of Expression. Click on OK.
- On the left side, select Virtual Servers below NetScaler Gateway section.
- Locate the virtual server to bind miniOrange SAML, Click on Edit.
- Under Authentication section and unlash any existing policies, after that close the Authentication sub-window.
- Go back in Virtual Server configuration screen, under the Authentication section, select plus (+) icon.
- Select SAML as Choose Policy and Primary as Choose Type then Click on Continue.
- Under the Policy Binding section, click on SAML policy which you created earlier.
- Click on the radial button which is in left and click on OK. Set the Priority as 100 and click on Bind.
- Go back to Virtual Server configuration screen and click on Done.
Step 3: Onboard users into our system
- Click on Users >> Add User.
- Here, fill the user details without the password and then click on the Create User button.
- Click on On Boarding Status tab. Check the email, with the registered e-mail id and select action Send Activation Mail with Password Reset Link from Select Action dropdown list and then click on Apply button.
- Now, Open your email id. Open the mail you get from miniOrange and then click on the link to set your account password.
- On the next screen, enter the password and confirm password and then click on the Reset Password button.
- Now, you can log in into miniOrange account by entering your credentials.
Step 4: Login to miniOrange Account
- Go to miniOrange dashboard and select User Dashboard from right side menu.
- Click on cisco netscaler gateway application which you added, to verify your sso configuration.
Citrix netscaler gateway
For further details refer :
miniOrange Single Sign On SSO
We offer Security Solutions of Single Sign-On, Two Factor Authentication, Fraud Prevention and much more.
Please call us at +1978 658 9387 or email us at firstname.lastname@example.org