LTM HTTP/S Monitor for Citrix Access Gateway

LTM version 10.2.1 / Citrix Access Gateway version 5.0.4

I have a customer who is using LTM to load-balance a pair of Citrix Access Gateways. Up until now, they have been using TCP checks (80 and 443) but a recent issue is causing the CAGs web-service to be unavailable while still listening on both ports.

In an attempt to add more specific content to the Send/Receive strings, it has been discovered that ANY use of the "GET" command causes the monitor to fail...even a simple "GET / " with nothing in the Receive string. The only way the monitors work is if absolutely nothing is in either field.

curl results show content being received:

* SSL certificate verify ok.

> GET / HTTP/1.1

> User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5

> Host: remote.customer.com

> Accept: */*

>

< HTTP/1.1 302 Found

< Server: Cyms-SecS v3.0

< Content-Type: text/plain; charset=utf-8

< Content-Length: 37

< Date: Wed, 24 Jul 2013 18:57:56 GMT

< Location: https://remote.customer.com/lp/Remote

< Connection: Keep-Alive

You will be redirected to Login page

* Connection 0 to host remote.customer.com left intact

* Closing connection 0

* SSLv3, TLS alert, Client hello (1):

All I'm looking for in the receive string is the 302 code - but it's not working. So, my question is has anyone else deployed CAG behind LTM and run into a similar issue with custom monitors?

Thanks,