Product Documentation
NetScaler Gateway Clients
Current Release 13.1 13.0 12.1
View PDF

Release Notes

September 1, 2023
Contributed by:
C H S

Important:

  • Citrix SSO refers to Citrix Secure Sign-On and is used interchangeably in NetScaler Gateway and NetScaler Gateway clients documentation.

  • FQDN based split tunneling and nFactor authentication support are currently in preview.

  • Citrix SSO app is not supported for Android 6.x and lower versions after June 2020.

The Citrix SSO release notes describe the new features, enhancements to existing features, fixed issues, and known issues available in a service release. The release notes include one or more of the following sections:

What’s new: The new features and enhancements available in the current release.

Fixed issues: The issues that are fixed in the current release.

Known issues: The issues that exist in the current release and their workarounds, wherever applicable.

V23.8.1 (31-Aug-2023)

What’s new

  • Automatic restart of Always On VPN

    SSO Citrix应用程序自动重启the Always On VPN when an app that is part of the allow or block list is installed in a work profile or a device profile. Traffic from this app is automatically tunneled over a VPN connection without restarting the work profile or rebooting the device. To enable the automatic restart of Always On VPN, end users must grant theQuery all packagesconsent to the Citrix SSO app. For more information, seeAutomatic restart of Always On VPN.

    [CSACLIENTS-6158]

  • Enable debug logging in a managed VPN profile

    MDM admins can now enable debug logging as a custom parameter in the managed VPN profile of the Endpoint Management console. To enable debug logging, the value ofEnableDebugLoggingmust be set to True. If any of the managed VPN configurations has debug logging enabled, the debug logging functionality takes effect when the configurations are parsed. For more details, seeCustom parameters for Intune configuration.

    [CSACLIENTS-3746]

Fixed issues

  • Sometimes, the Citrix SSO app might fail to tunnel the traffic to some resources. This issue occurs when split tunneling is set to OFF and some unreachable domains or IP addresses are blackholed.

    [NSHELP-35555]

V22.11.1 (30-Nov-2022)

What’s new

  • Citrix Secure Access is updated to target Android 12.1 (API level 32)

    Citrix Secure Access is now updated to target Android 12.1 (API level 32). In case of per-app VPN, the VPN service might not restart automatically, if one of the packages in the per-app VPN package list is installed after the VPN tunnel setup. This is due to the app visibility restrictions introduced in Android 11. For details, seehttps://developer.android.com/training/package-visibility.

    [CGOP-21409]

V22.10.1 (21-Oct-2022)

What’s new

  • Display of the app’s version number is updated to the format YY.MM.point-release, where YY is the 2-digit year, MM is the 2-digit month, and point-release that is 1+ depending on the release number within a month.

  • Google Analytics/Crashlytics data collection from EU region is disabled for Android clients.

Fixed issues

  • Error messages that appear for an invalid input in the Add Connection and Edit connection screens are not localized.

    [CGOP-22060]

V2.5.3 (05-May-2022)

What’s new

  • Citrix SSO updated to Android 11 target SDK (API 30)

    The Citrix SSO app is now updated to Android 11 target SDK (API 30). This change requires that Microsoft Intune NAC v2 APIs are used by NetScaler Gateway for device compliance check. For details, refer to the KB articlehttps://support.citrix.com/article/CTX331615.

    [CGOP-19774]

Fixed issues

  • Sometimes, Citrix SSO might not use an alternate DNS server for host name resolution after a network change.

    [NSHELP-29378]

V2.5.2 (21-Oct-2021)

Fixed issues

  • Sometimes, Citrix SSO crashes when handling a non-compliance error in NAC check.

    [CGOP-19198]

V2.5.1 (12-Aug-2021)

Fixed issues

  • Citrix SSO app fails to resolve host when the CNAME chain is longer than 6 hops.

    [CGOP-18475]

  • Citrix SSO displays an authentication prompt when NAC check only authentication is required by NetScaler Gateway.

    [CGOP-18348]

  • Citrix SSO might crash while processing unusually large ICMP packets.

    [CGOP-18286]

  • Citrix SSO might crash when adding a VPN profile on some Android 8.0 devices.

    [CGOP-17607]

  • Citrix SSO might crash when you restart the VPN configured for Always On.

    [CGOP-17580]

  • Citrix SSO might crash when handling an SSL error in the nFactor authentication flow.

    [CGOP-17577]

V2.5.0 (08-Jun-2021)

What’s new

  • Support for FQDN based split tunneling

    Citrix SSO for Android now supports FQDN based split tunneling.

    [CGOP-12079]

Fixed issues

  • Citrix SSO preview build 2.5.0 fails (110) to connect to NetScaler Gateway versions 12.1 and earlier.

    [CGOP-17735]

  • The “DisableUserProfiles” setting is not applied after the SSO app is restarted.

    [CGOP-17454]

V2.4.16 (31-Mar-2021)

Fixed issues

  • The nFactor authentication is aborted if safe browsing is not be enabled on some devices.

    [CGOP-17514]

V2.4.15 (17-Mar-2021)

Fixed issues

  • Sometimes, Citrix SSO does not reconnect Always On VPN when session timeout happens on the NetScaler Gateway appliance.

    [CGOP-16800]

V2.4.14 (23-Feb-2021)

Fixed issues

  • Citrix SSO requires user interaction when Always-On VPN with certificate only authentication is used along with nFactor authentication.

    [CGOP-16805]

  • Sometimes, Citrix SSO might crash during VPN service restart or transition.

    [CGOP-16766]

V2.4.13 (04-Feb-2021)

Fixed issues

  • In some cases, the Citrix SSO login request times out before NetScaler Gateway responds.

    [CGOP-16759]

V2.4.12 (15-Jan-2021)

This release addresses various issues that help to improve overall performance and stability.

V2.4.11 (08-Jan-2021)

  • Classic authentication fails because the Citrix SSO sends an HTTP header (X-Citrix-Gateway) to the NetScaler Gateway which is used only in nFactor authentication.

    [CGOP-16449]

V2.4.10 (09-Dec-2020)

Fixed issues

  • Sometimes, classic authentication might fail for Android devices.

    [CGOP-16219]

  • Citrix SSO might crash when performing classic authentication.

    [CGOP-16012]

  • Citrix SSO的方向应用不查nge when you rotate the device.

    [CGOP-639]

V2.4.9 (20-Nov-2020)

Fixed issues

  • Citrix SSO app crashes when a user taps the TOTP token value on the device.

    [CGOP-15886]

V2.4.8 (04-Nov-2020)

Fixed issues

  • Citrix SSO might crash when disconnecting the VPN after a session timeout on the gateway.

    [CGOP-15592]

V2.4.7 (12-Oct-2020)

This release addresses various issues that help to improve overall performance and stability.

V2.4.6 (28-Sep-2020)

This release addresses various issues that help to improve overall performance and stability.

V2.4.5 (16-Sep-2020)

What’s new

  • New NetScaler logo is introduced.

    [CGOP-15327]

V2.4.4 (10-Sep-2020)

Fixed issues

  • Sometimes, Citrix SSO crashes when reconnecting the VPN session.

    [CGOP-15215]

V2.4.3

Known issues

  • Citrix SSO fails to establish a VPN session to NetScaler Gateway when the Android device is resource constrained.

    [NSHELP-24647]

V2.4.2

Fixed issues

  • Citrix SSO app crashes when loading previously saved corrupt token data. With this fix, the token value is displayed as “Token data corrupted” for corrupt tokens in the token list. Remove the corrupt tokens and add it again.

    [CGOP-14546]

V2.4.1

Fixed issues

  • Citrix SSO app is not supported for Android 6.x and lower versions after June 2020.

    [CGOP-13853]

V2.3.19

This release addresses various issues that help to improve overall performance and stability.

V2.3.18

What’s New

  • Proxy configuration is now supported in the Android Citrix SSO app for Android 10 devices.

    [CGOP-12007]

V2.3.17

This release addresses various issues that help to improve overall performance and stability.

V2.3.16

This release addresses various issues that help to improve overall performance and stability.

V2.3.15

What’s New

  • Citrix SSO app now supports NetScaler Gateway certificate pinning for managed VPN profiles.

    [CGOP-12538]

  • Citrix SSO app for Android 10 now detects Always On VPN from the system settings.

    [CGOP-12656]

Fixed issues

  • Citrix SSO app crashes when disconnecting from VPN if there are only MDM VPN profiles defined.

    [CGOP-13825]

V2.3.14

What’s New

  • Citrix SSO app can now perform user authentication on behalf of Citrix Workspace app for native app single sign-on.

    [CGOP-12083]

  • VPN service restarts if one of the packages in the per-app VPN package list is installed after the VPN tunnel setup.

    [CGOP-11262]

Fixed issues

  • Citrix SSO now correctly handles the final VPN session establishment message.

    [CGOP-12488]

  • The NetScaler Gateway IP address is now resolved only once. Earlier, the NetScaler Gateway IP address was resolved multiple times that resulted in connection failures sometimes.

    [CGOP-12101]

Known issues

  • Always-On VPN status is not always updated correctly in the app user interface.

    [NSHELP-21709]

V2.3.13

Fixed issues

  • The NetScaler Gateway IP address is now resolved only once.

    Earlier, the NetScaler Gateway IP address was resolved multiple times that resulted in connection failures sometimes.

    [CGOP-12101]

Known issues

  • Always-On VPN status is not always updated correctly in the app user interface.

    [NSHELP-21709]

V2.3.12

Fixed issues

  • Citrix SSO might crash when saving a VPN profile.

    [CGOP-12137]

V2.3.11

Fixed issues

  • Citrix SSO might crash when saving a VPN profile.

    [CGOP-12137]

  • The disableUserProfile setting is not correctly reflected in the user interface when a new VPN profile or update to an existing profile results in the change of the disableUserProfile value.

    [CGOP-11899]

  • Citrix SSO for Android does not process VPN profiles in Device Owner (DO) mode.

    [CGOP-11981]

  • VPN connection is not established when there are IPv6 only local DNS servers.

    [CGOP-12053]

V2.3.10

Fixed issues

  • VPN connection lost after some idle time on the device.

    [CGOP-11381]

V2.3.8

What’s new

  • 设置Citrix SSO Intune Android应用程序Enterprise environment

    You can now set up the Citrix SSO app in an Intune Android Enterprise environment. For details, see设置Citrix SSO Intune Android应用程序Enterprise environment.

    [CGOP-635]

  • Support for VPN profile provisioning via Android Enterprise

    VPN profile provisioning via Android Enterprise is now supported.

    [CGOP-631]

Fixed issues

  • If you save a token that is already saved and then try to open it, garbled characters appear in the token name.

    [CGOP-11696]

  • Citrix SSO app fails to establish a VPN session if no DNS search domains are configured on NetScaler Gateway.

    [CGOP-11259]

V2.3.6

What’s new

  • Always On support for Citrix SSO

    The Always On feature of Citrix SSO ensures that users are always connected to the enterprise network. This persistent VPN connectivity is achieved by an automatic establishment of a VPN tunnel.

    [CGOP-10015]

  • Notification to relogin is displayed if Athena token expiry causes a logout

    A notification prompting the users to relogin to Citrix Workspace is displayed if the following conditions are met.

    • Always On feature is enabled in the Citrix Workspace provisioned VPN profile
    • Athena authentication is used for SSO
    • User is signed out of the Citrix Workspace app because of Athena token expiry

    [CGOP-10016]

  • Registration for Push notification service is done using NetScaler Gateway

    You can now register for push notification service using the NetScaler Gateway appliance. Earlier the registration was done on the client device.

    [CGOP-10542]

Fixed issues

Sometimes, Citrix SSO crashes when a new token is scanned. For example, Citrix SSO crashes when an existing token is deleted and another one is scanned with the same token name.

[CGOP-10818]

V2.3.1

What’s new

  • Managed configurations are updated to include more user settings

    Managed configurations are updated to include “BlockUntrustedServers,” “DefaultProfileName,” and “DisableUserProfiles” settings for Android Enterprise environments.

    [CGOP-10033]

  • Enhanced Push notification support

    Upon configuring NetScaler Gateway for Push Notification with type “OTP,” PIN/fingerprint is not asked after the user selects “Allow” in response to the Push Notification requesting the user’s consent for allowing the authentication to proceed.

    [CGOP-9843]

  • Firebase Analytics support

    Support for basic Firebase Analytics is added to provide usage information about the Citrix SSO app. The enhancement is applicable to coarse geolocations, screen usage, different versions of Android in use and so on.

    [CGOP-7523]

  • Support for Android Managed Configurations based VPN profile configuration

    Citrix SSO app can be configured in the Android Enterprise environment using an EMM/UEM vendor like Citrix Endpoint Management. The Android Enterprise Managed Configurations wizard in CEM can be used to deploy managed VPN configurations to the Citrix SSO app. For information on how to configure the Citrix SSO app using Managed Configurations, referVPN device policy.

V2.2.9

What’s new

  • Push Notification support

    NetScaler Gateway sends a push notification on your registered mobile device for a simplified two-factor authentication experience.

    [CGOP-9592]

Fixed issues

  • Non-URL characters are allowed in the Server field under the Add Connection screen.

    [CGOP-588]

Release Notes
September 1, 2023
Contributed by:
C H S
September 1, 2023
Contributed by:
C H S

In this article

Site feedback | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999-Cloud Software Group, Inc. All rights reserved.