"Access to your company network is not currently available" Error message while accessing Secure Hub XenMobile Store

"Access to your company network is not currently available" Error message while accessing Secure Hub XenMobile Store

book

Article ID: CTX226425

calendar_today

Updated On:

Description

Attempts to access the Store in Secure Hub causes an error "Access to your company network is not currently available". Please find the snapshot of an error message.

User-added image



Logs 

 2017-08-04T16:21:53.886+0200 ",X1AuthController,INFO (4),-[AuthController getCertificateForURL:callback:],"Providing the certificate to Auth Manager.",-,com.apple.root.default-qos,45a7,Secure Hub,/jenkins/workspace/iOS_Secure Hub/AppStore/Me@Work/Me@Work/X1Auth/AuthController.m,1337 
" 2017-08-04T16:21:53.886+0200 ",<CAMAUTH>,INFO (4),__87-[CAMAuthController getClientCertCredentialsForURL:isAuthenticatingToGateway:callback:]_block_invoke,"returned with credential(0x170019f40), ID(fc03791dabcd4ebd28653561c94a4b3ca5a9adf4), error((null)), callback(0x16df86cc8)",-,com.apple.root.default-qos,45a7,Secure Hub,/jenkins/workspace/iOS_SDK_AuthManager_Main/AuthManager/AuthManager/CAMAuthController.m,97 
" 2017-08-04T16:21:53.886+0200 ",<CAMAUTH>,INFO (4),__RespondToClientCertChallenge_block_invoke,"Request #31 providing client cert (0x170019f40) for certificate auth challenge",-,com.apple.root.default-qos,45a7,Secure Hub,/jenkins/workspace/iOS_SDK_AuthManager_Main/AuthManager/AuthManager/CAMAsyncHTTPImpl.m,275 
" 2017-08-04T16:21:53.937+0200 ",<MDM>,DEBUG1 (6),-[MdmStatusData authenticationRequiredAfter:],"authenticationRequiredAfter: Authentication still valid (704 background time vs. 0 allowed)",Active,com.apple.main-thread,403,Secure Hub,/jenkins/workspace/iOS_Secure Hub/AppStore/MDM/Common/Source/AppSupport/MdmStatusData.m,2008 
" 2017-08-04T16:22:17.965+0200 ",WHGenericVault,INFO (4),__32-[WHGenericVault isUserEnrolled]_block_invoke,"User is MDM enrolled: 1",-,com.citrix.GenericVaultQueue,c 

 

Resolution

After setting up "Certificate authentication" on XenMobile Server, we need to ensure that you set the appropriate settings on the NetScaler Gateway virtual server.

More importantly, 'Client Certificate' option should be enabled (checked) and set to 'Mandatory'.
These settings are found under Netscaler Gateway -> SSL Parameters -> Client authentication

User-added image

Problem Cause

This behaviour can arise when XenMobile server is set to use CBA (Cert Based Authentication) but the NetScaler Gateway vServer is configured for Domain+LDAP and not CBA configured.

Issue/Introduction

XenMobile, users are unable to connect Secure Hub XenMobile Store and they see an error stating "Access to your company network is not currently available".

Additional Information

https://support.citrix.com/article/CTX220479
Powered by Wolken Software