Forum Discussion

Nimbostratus

Jun 26, 2014

DTLS Option IN APM SSL VPN F5

Hi all, We are completed APM SSL VPN on F5 4000 s, Previously we are using UAG and web based ssl vpn. In F5 We using full tunnel method , We got information from some people enable the DTLS opti...

application delivery

BIG-IP Access Policy Manager (APM)

Employee

Jun 27, 2014

You need to configure the option in the Network Access resource as Andrew said and you will also have to create a UDP Virtual Server listening on port 4433 with the connectivity profile selected in the Virtual Server configuration.

If you have the option selected in network access but no virtual configured or if you have a connectivity issue between the client and APM you the client will stay on TCP 443 but if the client can connect on UDP 4433 it will use DTLS for the tunnel.

This excerpt is from the APM manual...

"Select this option to use Datagram Transport Level Security with the network access connection. This option uses UDP as the transport to provide better throughput for latency-sensitive applications like VoIP or streaming video, especially with lossy connections. If the port used by DTLS is blocked by an intermediate firewall or gateway, or not available, the connection automatically falls back to TLS or SSL."

Hope this helps,

Seth

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)