Authentication server configuration in Standard license is not persistent on reboot in Citrix Gateway. Users get an empty page with an error (just as when your content-switching virtual server does not have a policy bound and no default vServer).

Note: Standard edition license does not have AAA feature support, but creating a non-addressable authentication server is allowed. However this AAA virtual server is removed from the config on reboot. Authentication profile (bound to the Gateway vServer, if any) will be pointing to a non-existing AAA virtual server.

This issue can be mitigated by modifying the configuration file in the Citrix ADC.

1. The saved configuration file (ns.conf) has to be modified to change the authentication vserver configuration as below: Modify the line by eliminating the "0.0.0.0" IP address as below:
   From: add authentication vserver <name> SSL 0.0.0.0
   To: add authentication vserver <name> SSL 

2. This can also be mitigated by reapplying the authentication vServer configuration without specifying 0.0.0.0 in the command on the console every time a reboot happens.
   > add authentication vserver <name> SSL

This issue will be fixed in GA version 13.0-71.x and above

---

Problem Cause

The authentication vServer configuration in the standard license is not persistent upon a reboot. This happens because ADC does not consider 0.0.0.0 as a non-addressable IP address. Hence, the authentication vServer configuration which is stored as : add authentication vserver <name> SSL 0.0.0.0 throws an error while rebooting the machine.

Citrix ADC 13.0 67.X has an issue in the support for authentication server in HA, cluster, and single-node deployment scenario in the standard license. The Non- addressable server configuration is not being restored after reboot.