Adaptive Authentication service

Manage Connectivity

July 16, 2025

Contributed by:

You can specify a set of resource locations (connectors) through which AD or RADIUS servers can be reached. Admins can choose the Resource Locations through which back-end AD and RADIUS servers must be reached.

To enable this feature, customers can set up a mapping between their back-end AD/RADIUS server subnets such that if the authentication traffic falls under a specific subnet, then that traffic is directed to the specific resource location. However, If a resource location isn’t mapped to a subnet, then admins can specify to use the wildcard resource location for those subnets.

Specify connectors

Note:

It is recommended to perform manage connectivity configuration through the Adaptive Authentication portal’s user interface rather than directly on NetScaler (using GUI or CLI). Changes made on NetScaler are not automatically synced with the Adaptive Authentication portal and might be lost.

On the Adaptive Authentication UI, click Manage Connectivity.
Enter the subnet details and select the respective resource location.

Note:

If you clear the Use any available resource location for remaining subnets checkbox, only the traffic directed towards the configured subnets is tunneled.
Click Add, and then click Save Changes.
Note:
- Only RFC1918 IP address subnets are allowed.
- The number of subnet-resource location mappings per customer is limited to 10.
- Multiple subnets can be mapped to a single resource location.
- To update the subnet entry, delete the existing entry and then update.
- If you rename or remove the resource location, make sure to remove the entry from the Manage Connectivity screen in the Adaptive Authentication user interface.
- Any changes made to the resource location mapping by using the following CLI commands are overwritten by the changes pushed from the user interface (Adaptive Authentication Provisioning > Manage Connectivity).
  - set cloudtunnel parameter -subnetResourceLocationMappings
  - set policy expression aauth_allow_rfc1918_subnets <>
  - set policy expression aauth_listen_policy_exp <>
Click Next to go to Instance Management section.

The official version of this content is in English. Some of the Cloud Software Group documentation content is machine translated for your convenience only. Cloud Software Group has no control over machine-translated content, which may contain errors, inaccuracies or unsuitable language. No warranty of any kind, either expressed or implied, is made as to the accuracy, reliability, suitability, or correctness of any translations made from the English original into any other language, or that your Cloud Software Group product or service conforms to any machine translated content, and any warranty provided under the applicable end user license agreement or terms of service, or any other agreement with Cloud Software Group, that the product or service conforms with any documentation shall not apply to the extent that such documentation has been machine translated. Cloud Software Group will not be held responsible for any damage or issues that may arise from using machine-translated content.

Was this helpful

Manage Connectivity

July 16, 2025

Contributed by:

July 16, 2025

Contributed by:

Manage Connectivity

In this article