Hey guys,
I'm having a problem that when accessing my login page through the Bip-Ip Edge Client, Google recaptcha does not work when I click on I'm not a robot it stays in looping .
Has anyone ever experienced this ?
Strangely, this only happens on the Big-IP client per browser, and it works normally.
Thanks
We encountered the same issue at a customer's apm. BIG-IP v16.1.2.2, Edge Client 7221. We upgraded the firmware to v16.1.3.4 and edge client to 7240. There was no change, we had to remove the captcha.
I encountered the same issue when I tested in v17.0 lab device.
Recaptcha works on the web browsers. When I click the "I am not a robot" checkbox on Edge Client, no requests are sending to google. The below requests are not occurring in edge client.
There is no problem with hcaptcha. The difference I see between edge client and web browser for recaptcha; edge client sends a request to "https://www.google.com/pre/config.php?version=2.0" and gets a 404 response. This request does not occur when there is no recaptcha configuration. When using hcaptcha, "/pre/config.php" request is not sent to the hcaptcha service.
GET https://www.google.com/pre/config.php?version=2.0 HTTP/1.0
Host: www.google.com
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0; F5 Networks Client)
Connection: close
HTTP/1.0 404 Not Found
Content-Type: text/html; charset=UTF-8
Referrer-Policy: no-referrer
Content-Length: 1575
Date: Fri, 31 Mar 2023 23:43:36 GMT
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
<!DOCTYPE html>
<html lang=en>
<meta charset=utf-8>
<meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
<title>Error 404 (Not Found)!!1</title>
<style>
*{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
</style>
<a href=//www.google.com/><span id=logo aria-label=Google></span></a>
<p><b>404.</b> <ins>That’s an error.</ins>
<p>The requested URL <code>/pre/config.php</code> was not found on this server. <ins>That’s all we know.</ins>
Thanks for the additional information. This "config.php" is how Edge Client obtains information from BIG-IP about the versions and logon modes of the APM VPN concentrator. This behavior of following the hostname but not the path part of a URL has also happened in another situation in a different version of the client. This issue might be related to security changes that have been made in the client about how links are processed / validated.
Can you open a support case and reference ID 1032505? We'll need to get the product engineering team to take a look.
497100 : APM Migrates to Google reCAPTCHA API Version 2.0
Component:Access Policy Manager
Symptoms: Google introduced reCAPTCHA API v2 in December 2014. The v2 API will not work with API key pair generated for v1 API. With APM migrating to reCAPTCHA v2, the key pair that works with previous releases of the APM will stop functioning after upgrade.
Conditions: When key pair generated for v1 API is used in the reCAPTCHA configuration.
Impact: Users will not be able to log in.
Fix: N/A
Behavior Change: Before upgrade, admin is required to register a new key pair with Google. After upgrade, the "secret" and "site key" fields on the reCAPTCHA admin UI are populated with the old keys. Replace the old keys with the new keys obtained from Google.
Furthermore, the "Verification URL", "Challenge URL", and "Noscript URL" fields are populated with the URLs for Google reCAPTCHA v2 service, not those that were specified before the upgrade. If a virtual server has been configured for v1 verification using HTTPS, the virtual server needs to add client side SSL profile and the "Verification URL" field should point to the virtual server.
Moreover, the "CAPTCHA Theme" is obsolete and is replaced by v2 CAPTCHA render configuration parameters with the following default values:
Data Theme = Light Data Type = Image Data Size = Normal
Edge Client in web-logon mode uses a Windows Browser Control that operates in IE11 emulation mode. Can you try an IE Reset (from internet options control panel) and the other things mentioned in this page? Have you tried other PCs?
This problem occurs on all computers, including new computers out of the box, we install the big ip client.
The strangest thing is that this was something functional that everyone accessed the vpn that way, google's reCaptcha V2 does not work on the Big Ip edge client, but it works using only the browser.
Related to the other tests on the page, we have already carried out.
My customer are facing the same problem, since WindowsOS starting a new rule for auto start the Microsoft Edge Browser when open old IE Browser.
I'm not sure F5 Edge Client use which Browser to open the Login Page, if F5 Edge Client use the old IE Browser and cannot open the Edge Browser, maybe the service will abnormal.
I'm not open case to confirm, just disable "Allow Access if CAPTCHA Verification Cannot Complete" config, and wait F5 to fix this problem