NimbostratusHorizon View 2FA with AD and Radius
Hi everybody.
I'm trying to set up a Horizon View solution through BigIP with APM. I've got my View environment to work, and I'm able to log in with 2FA via the browser and open my VDI resources. My issue is when I'm trying to configure 2FA with the Horizon View Client.
My AP looks as following:
As a 2FA we're using a raduis server that sends an SMS to a mobile phone. As stated above, this configuration works when using a browser, but not when using the Horizon View client. The same radius server is used for both the Client and browser. When using the Horizon View Client, I'm first asked for my username and password and this is authenticated towards AD. This is by design and is working as it should. I'm then trying to do a radius auth, I receive the SMS, but when I type it in the client just ask for a new code.
AD login works fine:
First prompt for radius authentication:
Second prompt for radius authentication opens up regardless of whether the password in the first attempt was correct or not:
When I use the browser, the experience is the same with first an AD login, and then prompted for the PASSCODE. After the passcode is entered, "Browser RADIUS Auth" is successful and access is allowed. If I remove the "View RADIUS Auth" from the VPE, everything works fine.
My "View Radius Auth" looks like this:
Any ideas?
