Marvin
Jul 17, 2019

F5 APM Access client with client certificate authentication

Dear all,

We are trying to get the new F5 Access client to work on Windows 10 because this is the supported F5 APM client (not the BIG-IP Edge Client, which is not supported on Windows 10; correct me if I am wrong), but we are still having an issue with client certificate validation. The issue is that the F5 Access client does not seem to provide the user client certificate of the laptop. Looking into the tcpdump, I can confirm that the F5 Access client is not providing the client certificate for verification. With the BIG-IP Edge Client this is working perfectly. This has nothing to do with the F5 access policy configuration; I suspect a specific F5 Access client parameter setting is missing.

I used the following F5 article to set up the VPN client; the F5 version is 13.1.

https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/related/f5-access-config-note-win10-1-2.html

The following configuration settings have been applied to the F5 Access VPN profile. I can confirm that the no-prompt setting for credentials is working and the VPN profile is created with the correct IP address; the only problem is that the client is not providing the certificate as the F5 Edge client does. The requested certificate issuer is also correct and configured in the configuration file.

What additional parameter setting is required for the client authentication to work with F5 Access client?

$xml = "<f5-vpn-conf><prompt-for-credentials> false</prompt-for-credentials><client-certificate><issuer>Domain CA</issuer></client-certificate></f5-vpn-conf>"
$sourceXml=New-Object System.Xml.XmlDocument
$sourceXml.LoadXml($xml)
 
 
Add-VpnConnection -Name F5_test-noprompt -ServerAddress IPADDRESSHERE -SplitTunneling $True -PluginApplicationID F5Networks.vpn.client_btcnfmkykcjs2 -CustomConfiguration $sourceXml
  • Marvin

    So the VPN connection is successfully created in Windows 10 and the F5 Access client is connecting to the F5. The F5 requests the client certificate using the clientSSL profile, but no client certificate is provided by the F5 Access client. This is working correctly with the F5 Edge client. Any recommendations are welcome.

  • Marvin

    The solution was to change to a DNS name; an IP address does not work with the F5 Access client.
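
The profile from the question rebuilt with the fix from the last reply, plus a pre-check that a usable client certificate exists. This is an added example, not code from the thread or from F5. `vpn.example.com` is a placeholder, and the script assumes the user certificate sits in the current user's Personal store and that matching the issuer string is enough to identify it.

```powershell
# Added example; values marked "placeholder" are not from the thread.
$ServerName    = 'vpn.example.com'      # placeholder DNS name of the APM virtual server
$IssuerName    = 'Domain CA'            # issuer string from the posted configuration
$ProfileName   = 'F5_test-noprompt'
$ClientAuthOid = '1.3.6.1.5.5.7.3.2'    # Client Authentication EKU

# Fix reported in the thread: the server address must be a DNS name, not an IP literal.
$ip = $null
if ([System.Net.IPAddress]::TryParse($ServerName, [ref]$ip)) {
    throw "ServerAddress '$ServerName' is an IP address; use the DNS name instead."
}
Resolve-DnsName -Name $ServerName -ErrorAction Stop | Out-Null

# Assumption: the client certificate is in Cert:\CurrentUser\My.
# A certificate is usable if it chains to the expected issuer name, has a private key,
# is inside its validity period, and either has no EKU restriction or allows client auth.
$now = Get-Date
$candidates = Get-ChildItem Cert:\CurrentUser\My | Where-Object {
    $ekus = $_.EnhancedKeyUsageList.ObjectId
    $_.Issuer -like "*CN=$IssuerName*" -and
    $_.HasPrivateKey -and
    $_.NotBefore -le $now -and $_.NotAfter -gt $now -and
    ((-not $ekus) -or ($ekus -contains $ClientAuthOid))
}
if (-not $candidates) {
    throw "No usable client certificate issued by '$IssuerName' in Cert:\CurrentUser\My."
}
$candidates | Select-Object Subject, Thumbprint, NotAfter | Format-Table -AutoSize

# Custom configuration with the same elements as in the question.
$conf = New-Object System.Xml.XmlDocument
$conf.LoadXml("<f5-vpn-conf><prompt-for-credentials>false</prompt-for-credentials>" +
              "<client-certificate><issuer>$IssuerName</issuer></client-certificate></f5-vpn-conf>")

Add-VpnConnection -Name $ProfileName `
    -ServerAddress $ServerName `
    -SplitTunneling $True `
    -PluginApplicationID F5Networks.vpn.client_btcnfmkykcjs2 `
    -CustomConfiguration $conf

# Confirm what was stored in the profile.
Get-VpnConnection -Name $ProfileName | Select-Object Name, ServerAddress, SplitTunneling
```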