Jump to content
Welcome to our new Citrix community!

Content switching monitor issue

Manoj Kumar

Recommended Posts


I am trying to set up ADC in DMZ and customer LAN. There is a content switching service running and working in the LAN but I am trying to connect DMZ ADC LB service on port 443 monitors getting an issue and error " tcp connection successful but application timeout" I have asked the customer firewall rule and confirmed port 443 is allowed to NSIP, SNIP and content switch IP. Not sure what I am missing.



Link to comment
Share on other sites

Have you tried this KB article?


Since NetScaler is a full secure reverse proxy, there are two conversations happening here.

  1. Client --> CS or LB VIP
  2. NetScaler --> Application Server.

We are troubleshooting stage 2 - so it has nothing to do with the LB VIP or CS VIP

Can you try changing the monitor to a basic TCP monitor? What is the result.

Is there a service running on port 80 on the application server, and is this port open on the internal FW? If so, try creating a service which is port 80, HTTP and see if a HTTP Monitor works.

If you can copy and paste the service configuration here that will also help us.

Reasons for this sometimes is client cert auth turned on the service at the back end, where it is waiting for a certificate from NS, or some other SSL related issue, but first, the steps about should take the FW out of the equation.


Link to comment
Share on other sites

Guest Farhan Ali

The issue is that you are able to connect on tcp but when ssl handshake is happening its failing. You need to verify that the backend server SSL is working fine and Netscaler is able to trust it and complete the session

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...