Can you verify the NN is listening on the public interface? Since you're able to ssh using the public hostname, but attempts to use WebHDFS don't show up in the NN log, it sounds like NN might only be listening on the internal interface.
@sprakash I am seeing this same issue, were you able to resolve? I can also get a valid ticket but when trying to access RM UI via curl from my Mac, I see the same error:
* gss_init_sec_context() failed: : unknown mech-code 0 for mech unknown