Intermittent connection issues when load balancing servers on NetScaler. If NetScaler is bypassed, everything works fine.

SSLSESSION  persistence is used for SSL bridge services only.

When SSL Session ID persistence is configured, the NetScaler appliance uses the SSL Session ID, which is part of the SSL handshake process, to create a persistence session before the initial request is directed to a service. The load balancing virtual server directs subsequent requests that have the same SSL session ID to the same service. This type of persistence is used for SSL bridge services.

Also, if the client and the load-balanced server should renegotiate the session ID during their transactions, persistence is not maintained, and a new persistence session is created when the client’s next request is received. This may result in the client’s activity on the web site being interrupted and the client being required to re-authenticate or restart the session.

https://docs.citrix.com/en-us/netscaler/11/traffic-management/load-balancing/load-balancing-persistence/session-id-persistence.html