Forum Discussion
Sandra_O_230072
Nimbostratus
NimbostratusF5 BIG-IP Edge Client - Firewall Check Failed
Hi all. I'am new here and I don't know almost nothing about F5. But I have to support F5 BIG-IP Edge Client. And from time to time we have the following problem: When the user tries to connect they get the message "Firewall check failed. Please activate Windows Firewall and try again." But that problem have only 3-5 users. Mostly after the Windows Updates. We tried a few things:
- Uninstall and install the BIG-IP Software
- Checked the Windows firewall were on, also the rules
- With diffrent user on the same client
- And a lot of other things I cant remember nothing helped.
So we have to install a new Windows on the machine, which can not be the solution. Maybe anyone of you had the same problem. I hope you can help me.
We use Windows 7 x64 Notebooks. BIG-IP Edge Client Version is 7101,2014,1106,1707.
Thanks
boneyardMVP
if you a have support contract on this platform with F5 just contact them. they have to possibility to investigate much deeper then we can here via a forum. of course someone might have experienced exactly the same and can help, but opening a support ticket in parallel is always a good idea.
jogoldbergHi - I have been having the same problem for 2 months.
Windows 10 Version 22H2
HP ZBook Fury 15.6 inch G8 Mobile Workstation PC
BigIP Edge Client 7241,2023,331,1108
Firewall check fails when trying to connect. I get this e-mail from the system:
From: admin@xxxxxxxxxxxxxxxxxxxxx
Sent: Thursday, 1 August, 2024 11:21 AM
To: xxxxxxxxxxxxxxxxxxxx
Subject: Failed VPN Login - Session ID xxxxxxxxxxxxxxxxHello, You are receiving this email after failing to successfully connect to the Remote Access VPN Service. Please contact Local IT if you require assistance and they will help you to resolve your issue. The information below is to be recorded on any Service Now or Support Desk tickets to assist in troubleshooting errors. Session ID = xxxxxxxxxxxx Machine Certificate Check Result = 1 AD Query Result = 1 AD Auth Result = 1 MFA Authentication Result = 1 Firewall Check Result = 0 We were unable to detect an installed and running firewall on your device. AntiVirus Check Result = AD Groups Membership
F5 Diagnostics says:
2024-08-01, 9:36:11:678, 5080,12232,UNINSTALL, 48, , 373, ReportGenerator::GetOpswatEndPointInspectionLogs, OPSWAT Result: , {
"runs": [
{
"api": "3",
"expression": "type=fw&collect= 1",
"expression_parsed": {
"Firewall software Check": ""
},
"=": "===========================================================",
"+": "=====================Firewall software Check==========================",
"_": "===========================================================",
"result_parsed": {
"result": "0",
"state": "0",
"sdk": "4.3.2711.0",
"engine": "4.3.3969.0",
"count": "2",
"id1": "6015",
"vendor_id1": "6",
"version1": "10.0.19041.4291",
"name1": "Microsoft Windows Firewall",
"vendor_name1": "Microsoft Corp.",
"state1": "0",
"id2": "492000",
"vendor_id2": "492",
"version2": "7.13.18308.0",
"name2": "CrowdStrike Falcon",
"vendor_name2": "CrowdStrike, Inc.",
"state2": "0"
}
},This is quite strange as the firewalls are definitely running:
Microsoft Windows [Version 10.0.19045.4651]
(c) Microsoft Corporation. All rights reserved.C:\Users\jogoldberg>netsh advfirewall show all
Domain Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast EnableLogging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Private Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast EnableLogging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Public Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast EnableLogging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096Ok.
We've already tried the following:
- Make sure VPN server is set to the correct server - Done
- Try the diagnostic from https://<f5 server>/checkfw - Done. Same error as the BigIP Edge Client
- Hold down power button for 1 minute to do a forced unclean shutdown of laptop to clear memory - Done
- Try different WiFi network - Tried home Wifi, tried public Wifi, tried conference Wifi, tried LTE, tried iPhone Hotspot - same result
- From corporate LAN, performed a GPUpdate, and renewed my machine certificate - Done
- Sent multiple F5 Client Diagnostic reports - Done
- Performed GPUpdate myself while at The Office - Done
- Confirm that Group policy files located at C:\windows\System32\GroupPolicy are up to date - Done
- Uninstall/Reinstall F5 BigIP-Edge client - Done
- Check MFA Setup - Done
- Check Certificates - Done
Can the community offer any guidance/advice?
- boneyard
Ill repeat what I said almost 9 years ago, please contact F5 support, they can look into this with your details and their expertise of the system. You might get lucky here if someone experienced exactly the same, but chance is very low.