discovered that the SSL service on the server did not support the latest TLS 1.2 protocol.

One resource that I think is really useful is this page that lists the ciphers supported on various versions:

https://support.f5.com/kb/en-us/solutions/public/13000/100/sol13163.html?sr=49108706

As you can see if you compare 11.4.1 with later versions is that there are a lot of ciphersuites added after 11.4.1 so while 11.4.1 does support TLS 1.2 I suspect that the rather generic message "id not support the latest TLS 1.2 protocol" is simply referring to some enhancements that they aren't naming. Either way I would consider upgrading the BIG-IP:s for the additional cipher suites.

As for the second problem, yeah I would certainly enable No SSLv3. It's an antiquity by now and if your users experiences problems as a result then they should seriously consider their choices in life as they clearly are using severely outdated browsers.