SSL Offloading / Content Switching with Citrix NetScaler and PRTG Network Monitor

A quick one. I tried to publish the PRTG Webinterface through a NetScaler using SSL Offload and Content Switching. While testing my setup with a Webbrowser it all seemed to worked fine. But as I tried the iOS Application from Paessler I run into the following problem.

clip_image001

Since there are two Knowledge Base articles from Paessler available how to use an IIS or Apache as a Reverse Proxy (Link 1 Link 2) and I could access the Webinterface with my Browser I was pretty sure I made a mistake somewhere.

So I connected my iPad to XCode and checked the Console Logfile while setting up My Account.

clip_image003

The App is trying to access prtg.trendelkamp.net:443. This got me thinking. I checked my NetScaler Content Switching policy. clip_image005
The policy says that the hostname needs to be the same as I configured, prtg.trendelkamp.net. And since the PRTG App adds the port at the end of the hostname there is no matching policy anymore. As soon as I changed the expression to HTTP.REQ.HOSTNAME.CONTAINS(“prtg.trendelkamp.net”) the App worked fine J