APM admin GUI/ssh over APM network access

Question

Hi, &nbsp;
I m trying to access APM admin access of mgmt IP over GUI and ssh over network access terminating on same APM. 
In tcpdump I see below packet &nbsp;
Client ----&gt; APM mgmt IP :443. TCP Syn 
APM self-IP -----&gt; APM mgmt IP : 443. TCP Syn&nbsp;
But no Syn/ack from APM mgmt IP . All firewall rules are in place.&nbsp;
What could be wrong? Hope I'm trying right way. If not, pls suggest how to do this&nbsp;
Thanks,&nbsp;
Sachin&nbsp;

kevin_stewart · Answer

That is actually a "feature", that you can't access the management interface through an SSLVPN connection on the same APM. To get around this, create a simple TCP VIP with client and server SSL profiles applied and this iRule:
when CLIENT_ACCEPTED {
    node 127.0.0.1 443
}

You would then access the management interface externally via this virtual server. I would also make the IP of this VIP something on your (non-routable) lease pool subnet so that only clients inside an established VPN can talk to it.

Forum Discussion

APM admin GUI/ssh over APM network access

1 Reply

Jürgen - February 2026 Featured Member

ICYMI - Steve Wozniak at AppWorld 2026

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Sending LTM\GTM logs to DCD devices

SSL and Uri Rewrites

Syslog Filter Configuration for Separating Audit and LTM logs.

How to Perform Redundancy Switchover on BIG-IP

The same static variable in different iRules/VS

Related Content

Disable/Block access to Network Map

Not able to access GUI and SSH to F5 VM

What is Multi-Cloud Networking?

Using iCall to monitor BIG-IP APM network access VPN

Demo Guide & Video Series for F5 Distributed Cloud Network Connect (Multi-Cloud Networking)

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS