Unable to enroll new devices / access failing on Existing devices after upgrading ADC to 12.1.62.27
Article ID: CTX328200
Updated On:
Description
After upgrading Citrix ADC from 12.1.57.18 to 12.1.62.27, Existing and New devices are failing to connect.
If we check the /var/log/ns.log for the user when enrolling we would see the SSO failure error. The similar message would appear there.
"SSO FAIL forwading to client because of weak SSO user <username>"
Resolution
As per the latest updates on 12.1.62.27 version ADC has made some enhancements and security updates for the SSO to function along with MDM/MAM enrollment. This is application on Storefront Setup also where ever SSO is used.
Please add the following Traffic policy on ADC.
add vpn trafficAction sso_vpn_traffic_action http -SSO ON
add vpn trafficPolicy sso_vpn_traffic_policy TRUE sso_vpn_traffic_action
bind vpn vserver <vpn_vserver_name> -policy sso_vpn_traffic_policy -priority 100
Please add the following Traffic policy on ADC.
add vpn trafficAction sso_vpn_traffic_action http -SSO ON
add vpn trafficPolicy sso_vpn_traffic_policy TRUE sso_vpn_traffic_action
bind vpn vserver <vpn_vserver_name> -policy sso_vpn_traffic_policy -priority 100
Problem Cause
Enhancements made to the latest version.Issue/Introduction
Cannot Complete request or SSO failing.
Additional Information
Feel free to refer to: https://www.ferroquesystems.com/resource/issue-cannot-complete-your-request-error-after-citrix-adc-13-0-b64-35-upgrade/
Was this article helpful?
Yes
No
Powered by
