Manage Connectivity
You can specify a set of resource locations (connectors) through which AD or RADIUS servers can be reached. Admins can choose the Resource Locations through which back-end AD and RADIUS servers must be reached.
To enable this feature, customers can set up a mapping between their back-end AD/RADIUS server subnets such that if the authentication traffic falls under a specific subnet, then that traffic is directed to the specific resource location. However, If a resource location isn’t mapped to a subnet, then admins can specify to use the wildcard resource location for those subnets.
Note:
It is recommended to perform manage connectivity configuration through the Adaptive Authentication portal’s user interface rather than directly on NetScaler® (using GUI or CLI). Changes made on NetScaler are not automatically synced with the Adaptive Authentication portal and might be lost.
-
On the Adaptive Authentication UI, click Manage Connectivity.
-
Enter the subnet details and select the respective resource location.
Note:
If you clear the Use any available resource location for remaining subnets checkbox, only the traffic directed towards the configured subnets is tunneled.
-
Click Add, and then click Save Changes.
Note:
- Only RFC1918 IP address subnets are allowed.
- The number of subnet-resource location mappings per customer is limited to 10.
- Multiple subnets can be mapped to a single resource location.
- To update the subnet entry, delete the existing entry and then update.
- If you rename or remove the resource location, make sure to remove the entry from the Manage Connectivity screen in the Adaptive Authentication user interface.
- Any changes made to the resource location mapping by using the following CLI commands are overwritten by the changes pushed from the user interface (Adaptive Authentication Provisioning > Manage Connectivity).
set cloudtunnel parameter -subnetResourceLocationMappings
set policy expression aauth_allow_rfc1918_subnets <>
set policy expression aauth_listen_policy_exp <>
-
Click Next to go to Instance Management section.