Manoj Kumar Posted December 19, 2022 Share Posted December 19, 2022 Content switching monitor issue Link to comment Share on other sites More sharing options...
Manoj Kumar Posted December 19, 2022 Author Share Posted December 19, 2022 Hi,I am trying to set up ADC in DMZ and customer LAN. There is a content switching service running and working in the LAN but I am trying to connect DMZ ADC LB service on port 443 monitors getting an issue and error " tcp connection successful but application timeout" I have asked the customer firewall rule and confirmed port 443 is allowed to NSIP, SNIP and content switch IP. Not sure what I am missing.ThanksManoj Link to comment Share on other sites More sharing options...
Ronan OBrien Posted December 21, 2022 Share Posted December 21, 2022 Have you tried this KB article? https://support.citrix.com/article/CTX215481/error-failure-tcp-connection-successful-but-application-timed-out-on-netscaler Since NetScaler is a full secure reverse proxy, there are two conversations happening here. Client --> CS or LB VIP NetScaler --> Application Server. We are troubleshooting stage 2 - so it has nothing to do with the LB VIP or CS VIP Can you try changing the monitor to a basic TCP monitor? What is the result. Is there a service running on port 80 on the application server, and is this port open on the internal FW? If so, try creating a service which is port 80, HTTP and see if a HTTP Monitor works. If you can copy and paste the service configuration here that will also help us. Reasons for this sometimes is client cert auth turned on the service at the back end, where it is waiting for a certificate from NS, or some other SSL related issue, but first, the steps about should take the FW out of the equation. Ronan. Link to comment Share on other sites More sharing options...
Guest Farhan Ali Posted December 27, 2022 Share Posted December 27, 2022 The issue is that you are able to connect on tcp but when ssl handshake is happening its failing. You need to verify that the backend server SSL is working fine and Netscaler is able to trust it and complete the session Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now