I wanted to test this out for myself, so I span up a NetScaler in my lab and started the configuration. I wanted to enable AAA so that I could pre-authenticate requests into my web applications (Outlook Web Access in my lab). The below picture shows an overview (check out the Citrix article it is linked from!)
Firstly I completed the NetScaler Gateway Wizard and ensured that I could authenticate and launch desktops from my XD7.11 lab.
Next I followed Dave Bretty's blog to Content Switch the NetScaler Gateway VS and a newly created VS for OWA.
Then I created an Authentication VS, then created a policy which say any requests to the AAA address would go to the authentication VS. Lastly I went to bind the policy to my Content Switch VS. I received the titled error message.