APM Network Access with Proxy Autoconfig Script pointing to a VS on the same LB

I've setup a test environment (dedicated hardware running on 11.5.4 HF2) with two VS. One with an access policy to establish a SSL VPN tunnel and the other with standard LTM stuff to balance two proxy servers. Within the network access configuration I need to use the "Client Proxy Autoconfig Script" option specified as "http:///autoproxy.pac", but as soon as I enable this option the VPN-tunnel is not working anymore, means it won't be established anymore. In the logs I see that PPP-tunnel is started, but a few seconds later it is closed again and it's mentioning "Session deleted due to user logout request". Is this somehow related to have both VS configured in parallel on the same LB? In PROD environment we have separated this with Route Domains and partitions, but as they are strictly isolated, traffic through the tunnel must always go out of the LB via a FW and coming back to the LB in the other Route Domain. The idea was to get rid of this ugly traffic flow.

 

So is this possible at all? Is there something special we have to take care on?

 

Thank you!

 

Ciao Stefan :)