Jump to content
Welcome to our new Citrix community!

Connectivity Issues on NSG with DTLS (EDT) Enabled

Bob Geisler

Recommended Posts

Netscaler Platform: SDX 11500


Netscaler firmware version:


Citrix Platform: XenDesktop 7.15 on Windows Server 2016


I'm currently investigating an issue with DTLS connectivity over the Netscaler Gateway. An active session will randomly freeze and while observing "nsconmsg -d current -g ssl_err" the following SSL error messages will generate at the exact same time the session is frozen:



I'm wondering if anyone has a similar issue or has any information regarding the above SSL errors. I was unable to find any information regarding the above errors via search engine.
Thanks in advance!
Bob G.


Link to comment
Share on other sites

  • 3 weeks later...
  • 4 weeks later...

Be very careful of your memory usage while having DTLS enabled. We just ran into an issue/bug where these particular counter failures are not being flushed out properly and cause a memory leak with the Netscaler. I can tell you, when it runs out of memory, bad things happen. We observed this with 11.1 53.11. We're told by support that 11.1 56.x and 12.0 52.x fixes this, but it hasn't been released yet.

Link to comment
Share on other sites

  • 2 years later...

We are still seeing sessions freeze or users experience sub-optimal/degraded performance and other odd behavior such as duplicate/stale sessions that appear to be similar to port exhaustion DOS.

We do have the 'Hello Verify Request' enabled 


7.15 CU4 / ADC

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...