Citrix Netscaler 2FA Not Working with Sophos XG Web Server Protection

Question

As with our current Sophos XGS Firewall Rules and Policies configurations, the Citrix Netscaler 2FA authentication is working. We started planning of using the Sophos XG Firewall Web Server Protection. The license required were purchased and registered to the Sophos XG Firewall. We started configuring our Sophos XG Firewall Web Server Protection and start adding all our web servers and Citrix Netscalerk. 
 The Citrix Netscaler was working but the 2FA Authentication never popup to ask for the 2FA codes. The Citrix Netscaler authentication just went through with the users username and password without 2FA requests. We don't feel right and return the configuration back to the way it was before. Then the 2FA works again. 
 Is there anything in the Web Server Protection that requires to be disabled in order to have the 2FA request works?

Vivek Jagad · Answer

Hi cromwell uy , Thank you for reaching out to the community, Currently OTP tokens can not be used within the WAF, while in UTM we can use OTP also within WAF. This would be a Feature Request ( SFSW-I-976/SFSW-I-1153 ); I'd recommend you reach out to your Account Manager, Sales Engineer, or Sales Representative so that they can enter this request into our system. You can also log a service reques t to intergrade the FR id to your account. 
 Additionally , you can use the in-product feedback in the Sophos Firewall located in the Top Menu Bar.