[BUG] Citrix NetScaler Build 51.5: GUI Secure Only not working through SSL/VPN
October 6, 2011
Citrix NetScaler GUI console reachable through http while “Secure Only” is enabled when using an SSL/VPN connection.
To make sure your NetScaler implementation is compliant with PCI-DSS standards you have to make sure you cannot approach the Management Console in a non-encrypted manner. During my most recent implementations using Build 51.5nc I noticed that although having enabled this option I can still access the GUI through an unencrypted http connection instead of https when connected by an Access Gateway SSL/VPN connection.
Citrix Support has confirmed this bug and is working on a solution.