Two-factor authentication for Citrix Receiver for Windows

Currently, Receiver does not support such behavior. It relies on the user having access to the token prior to starting the login attempt

This is possible through a netscaler by the use of radius auth With Challenge respons like here With sms passcode, so where am I missing out? http://www.smspasscode.com/media/1937/netscaler-advanced-guide-for-sms-passcode.pdf

Interesting point, Henrik - was not aware that mobile Receiver supports this type of iterative communication via Radius. It's a bit different with APM as it does its own built-in OTP - so we'd need to investigate exactly how the communication happens between Netscaler and Receiver to ensure that APM can something similar. I would suggest opening a case with support to have it escalated and investigated further.

Done, case id: C1847563

The 11.6.0 HF5 functionality does not cover: 1. APM Webtop (StoreFront replacement) deployment 2. SMS/OTP authentication

What 11.6.0 HF5 enables is ability to display logon dialog with two password fields (for token and AD password) for Windows Receiver client (other clients can be manually configured to display two fields).

When Windows Receiver sees two-password dialog it assumes it is talking to StoreFront, hence limitation (1).

The two-password dialog is not suitable for SMS/OTP case as token is not know to the user up front (as it is in classic RSA+AD case). With single-password dialog APM does not yet support SMS/OTP workflow for Receivers, hence limitation (2).

Hello, is this feature (With single-password dialog APM does not yet support SMS/OTP workflow for Receivers, hence limitation) available in some newest versions of F5?

I'm currently building F5 configuration for Citrix Storefront and we need sms-auth for it. We have some portals with OTP exist and we would like to use OTP when user uses Citrix Receiver to connect Storefront via F5.