Citrix Gateway VPN clients and supported features

The following table lists some of the commonly used features supported for each VPN client.

Feature Windows plug-in Mac plug-in Linux SSO for macOS SSO for iOS SSO for Android
AlwaysOn (user mode) Yes (11.1 or higher) No No No No Yes (via MDM)Android 7.0+
PAC file push Yes (12.0 or higher) Yes No Yes Yes No
Client proxy support Yes Yes Yes No No No
Max limit of Intranet Applications 512 128 128 No limit No limit No limit
Intranet IP (IIP) support Yes Yes Yes Yes Yes Yes
Split tunnel ON Yes Yes Yes Yes Yes Yes
Split tunnel reverse Yes Yes Yes Yes Yes No
FQDN based split tunnel Yes-Only ON (13.0 or higher) No No Yes Yes No
Client idle timeout Yes Yes Yes No No No
Endpoint analysis Yes Yes Yes Yes No No
Device certificate (classic) Yes Yes No Yes No No
nFactor authentication Yes (12.1 or higher) No No Yes Yes No
EPA (nFactor) Yes (12.1 or higher) No No Yes No No
Device certificate (nFactor) Yes (12.1 or higher) No No Yes No No
Push notification Yes (12.1 or higher) No No No Yes Yes (device registration only)
OTP token autofill support No No No No Yes Yes

Citrix Gateway VPN clients and supported features