If you are using NetScaler OTP authentication on your Gateway watch out when working with SSL VPN. After creating the session profile/policy I was able to connect to the Gateway and access some of the internal ressources. Unfortunately I couldnt get a working RDP connection or access some management websites via https (custom port). I always was presented with the error: SSL_ERROR_RX_RECORD_TOO_LONG
ICMP request to the backend servers have been working as well.
The user “aman-it” posted a solution for this behaviour when working with native OTP. You need to change the expression for the traffic policy.
http.req.method.eq(post)||http.req.method.eq(get) && false
Now you should be able to access all the internal resources via the VPN tunnel.