Normally you would see that the Citrix ADC setup is an SSL-BRIDGE vserver with accompanying UDP vserver on the same IP for the ports 443 and 8443 which are the default for BLAST and BEAT usage.
There would be situations that port 8443 cannot be used regarding company compliance or restraints that only port 443 is allowed to be used. In this case you would need to change to an SSL-Offloading setup because we can’t intercept any traffic in a SSL-BRIDGE scenario or apply WebSocket usage in a profile.
We need to create an HTTP profile which enables WebSocket connections and we can use on the new SSL-Offloading vservers
Afterwards bind this profile to the SSL-Offloading vservers
Then we need to change the service group which we use in the UDP vserver to 8443, so the frontend is 443 and the backend is 8443