While configuring a customer implementation in a high security environment I’ve looked up the general ssl offload article for XenMobile.
The article was updated a few days ago with a table in the end stating that SSL Bridge should be used.
As I wanted to SSL Offload the Traffic on the NetScaler and send it re-encrypted for DMZ traversal to the XenMobile XMS Server I’ve checked with my Citrix contacts if MDM Offload is still supported. It’s not anymore!
Here is another article from Citrix stating the same:
Supported Architectures Between NetScaler and XenMobile Server
From now, SSL Offload for MDM traffic only if you plan to use Port 80/HTTP to the XenMobile Server Appliance