We are able to connect to NetScaler Gateway using the Receiver for Web but when we try to connect using Citrix Receiver after entering the user credentials, it fails, and we see the Receiver trying to load endlessly. At times it says that it cannot connect to the gateway URL. 

We requested the firewall team to bypass this traffic and configure a rule so that the traffic between external NetScaler and internal NetScaler is not altered. After this change the Receiver access started to work.

Problem Cause

Customer has an external NetScaler on which the traffic would land and in the session profile of this NetScaler they had pointed the StoreFront LB VServer as Web Interface address and that LB Vserver is hosted on an internal load balancer. After the authentication when the external NetScaler tries to send the StoreFront discover request to the internal NetScaler we see that the SSL connection breaks. That is because when the External NetScaler sends a client hello, in response we are seeing "continuation" with HTTP data in it due to which external NetScaler is resetting the connection with bad SSL record reset code. There is a firewall between the external NetScaler and internal NetScaler that was creating this problem. 

For the Receiver for web traffic, the traffic is coming to external NetScaler and to reach internal NetScaler it is using a different network path rather than what was being used for the Receiver and in that path there is no firewall. So the Receiver for web was working fine.