NetScaler DTLS not connecting on Layer 4

jeffriechers · March 27, 2025, 10:38pm

I am attempting to use Caddy on OPNsense to do Layer 4 to resources in my lab. One of those resources is Citrix NetScaler Gateway that runs on TCP and UDP as DTLS. I have it all setup, but traffic only ever matches to TCP. If I go direct, UDP works fine. The following is my config.

Blockquote
layer4 {
import /usr/local/etc/caddy/caddy.d/*.layer4global

	udp/:443 {
		@8c119bff-d2c8-4ecc-82c3-56880bde7ea8 http host vpn.my.url

		route @8c119bff-d2c8-4ecc-82c3-56880bde7ea8 {
			proxy udp/10.0.0.82:443 {
			}
		}
	}
	tcp/:443 {
		@cd1753e4-f01a-4dfe-8da8-fe978ca243fa tls sni vpn.my.url

		route @cd1753e4-f01a-4dfe-8da8-fe978ca243fa {
			proxy tcp/10.0.0.82:443 {
			}
		}
	}
}

Blockquote

Mohammed90 · March 31, 2025, 7:58am

I don’t understand what this exactly means:

If I go direct

What do you do when you “go direct”?

Is it possible Citrix isn’t using the UDP address?

system · April 30, 2025, 7:58am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.