NetScaler – Native OTP is breaking SSL VPN

If you are using NetScaler OTP authentication on your Gateway, watch out when working with SSL VPN. After creating the session profile/policy I was able to connect to the Gateway and access some of the internal resources. Unfortunately, I couldn't get a working RDP connection or access some management websites via HTTPS (custom port). I was always presented with the error: SSL_ERROR_RX_RECORD_TOO_LONG
ICMP requests to the backend servers were working as well.

The user “aman-it” posted a solution for this behaviour when working with native OTP. You need to change the expression for the traffic policy.

 

Now you should be able to access all the internal resources via the VPN tunnel.