Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry 2FA
  3. BlackBerry 2FA - Server Configuration Guide
  4. Configuring a connection between the BlackBerry 2FA server and a VPN gateway
  5. Configuring the connection to the BlackBerry 2FA server on Citrix NetScaler

Configuring the connection to the
BlackBerry 2FA
 server on
Citrix NetScaler

If you are using
Citrix NetScaler
, you can configure the connection to the
BlackBerry 2FA
 server by adding it as a RADIUS server. If you have more than one
BlackBerry 2FA
 server in your environment, you must configure a separate RADIUS server for each.
For detailed instructions on how to configure
NetScaler
 to connect to the
BlackBerry 2FA
 server, visit http://docs.citrix.com/en-us/netscaler.html to read about “Configuring RADIUS Authentication” in the
NetScaler
 system documentation.
For example, you can configure a connection to one
BlackBerry 2FA
 server and use
BlackBerry 2FA
 as the default authentication method. If you want to configure this example, in the configuration utility for
NetScaler
, you must set the authentication settings under the global settings as follows:
  • "Maximum Number of Users", "Max Login Attempts", and "Failed Login Timeout" as required by your organization
  • Authentication type set to RADIUS
  • IP address set to the
    BlackBerry 2FA
     server
  • Port set to 1812
  • Timeout between 60 and 90 seconds for the connection between
    NetScaler
     and the
    BlackBerry 2FA
     server
  • Unique shared secret
  • "Enable NAS IP address extraction" selected
  • "Password Encoding" set to the authentication protocol supported by the VPN authentication option you've chosen (
    BlackBerry 2FA
     does not support the "chap" option)
  • Accounting set to Off