NetScaler – Native OTP is breaking SSL VPN

Reading Time: < 1 minute

If you are using NetScaler OTP authentication on your Gateway watch out when working with SSL VPN. After creating the session profile/policy I was able to connect to the Gateway and access some of the internal ressources. Unfortunately I couldnt get a working RDP connection or access some management websites via https (custom port).  I always was presented with the error: SSL_ERROR_RX_RECORD_TOO_LONG
ICMP request to the backend servers have been working as well.

The user “aman-it” posted a solution for this  behaviour  when working with native OTP. You need to change the expression for the traffic policy.

 

Now you should be able to access all the internal resources via the VPN tunnel.

 

6 comments

  1. Pingback: Detailed Change Log – Carl Stalhood
  2. Pingback: NetScaler Gateway 12 – SSL VPN – Carl Stalhood
  3. Pingback: Site Updates – March 2018 – Carl Stalhood
  4. Pingback: Native One Time Passwords (OTP) – NetScaler Gateway 12 / Citrix Gateway 12.1 – Carl Stalhood
  5. Pingback: Native One Time Passwords (OTP) – Citrix Gateway 13 – Carl Stalhood
  6. Pingback: Julian Jakob - Citrix ADC - Always On Machine & User Tunnel VPN

Leave a Reply

Your email address will not be published. Required fields are marked *