NetScaler – Native OTP is breaking SSL VPN

If you are using NetScaler OTP authentication on your Gateway, watch out when working with SSL VPN. After creating the session profile/policy I was able to connect to the Gateway and access some of the internal resources. Unfortunately I couldn't get a working RDP connection or access some management websites via HTTPS (custom port). I was always presented with the error: SSL_ERROR_RX_RECORD_TOO_LONG
ICMP requests to the backend servers were working as well.

The user “aman-it” posted a solution for this behaviour when working with native OTP. You need to change the expression for the traffic policy to the following:

http.req.method.eq(post)||http.req.method.eq(get) && false

Now you should be able to access all the internal resources via the VPN tunnel.