Forum Discussion
Hi - I have been having the same problem for 2 months.
Windows 10 Version 22H2
HP ZBook Fury 15.6 inch G8 Mobile Workstation PC
BigIP Edge Client 7241,2023,331,1108
Firewall check fails when trying to connect. I get this e-mail from the system:
From: admin@xxxxxxxxxxxxxxxxxxxxx
Sent: Thursday, 1 August, 2024 11:21 AM
To: xxxxxxxxxxxxxxxxxxxx
Subject: Failed VPN Login - Session ID xxxxxxxxxxxxxxxx
Hello, You are receiving this email after failing to successfully connect to the Remote Access VPN Service. Please contact Local IT if you require assistance and they will help you to resolve your issue. The information below is to be recorded on any Service Now or Support Desk tickets to assist in troubleshooting errors. Session ID = xxxxxxxxxxxx Machine Certificate Check Result = 1 AD Query Result = 1 AD Auth Result = 1 MFA Authentication Result = 1 Firewall Check Result = 0 We were unable to detect an installed and running firewall on your device. AntiVirus Check Result = AD Groups Membership
F5 Diagnostics says:
2024-08-01, 9:36:11:678, 5080,12232,UNINSTALL, 48, , 373, ReportGenerator::GetOpswatEndPointInspectionLogs, OPSWAT Result: , {
"runs": [
{
"api": "3",
"expression": "type=fw&collect= 1",
"expression_parsed": {
"Firewall software Check": ""
},
"=": "===========================================================",
"+": "=====================Firewall software Check==========================",
"_": "===========================================================",
"result_parsed": {
"result": "0",
"state": "0",
"sdk": "4.3.2711.0",
"engine": "4.3.3969.0",
"count": "2",
"id1": "6015",
"vendor_id1": "6",
"version1": "10.0.19041.4291",
"name1": "Microsoft Windows Firewall",
"vendor_name1": "Microsoft Corp.",
"state1": "0",
"id2": "492000",
"vendor_id2": "492",
"version2": "7.13.18308.0",
"name2": "CrowdStrike Falcon",
"vendor_name2": "CrowdStrike, Inc.",
"state2": "0"
}
},
This is quite strange as the firewalls are definitely running:
Microsoft Windows [Version 10.0.19045.4651]
(c) Microsoft Corporation. All rights reserved.C:\Users\jogoldberg>netsh advfirewall show all
Domain Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast EnableLogging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Private Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast EnableLogging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096
Public Profile Settings:
----------------------------------------------------------------------
State ON
Firewall Policy BlockInbound,AllowOutbound
LocalFirewallRules N/A (GPO-store only)
LocalConSecRules N/A (GPO-store only)
InboundUserNotification Enable
RemoteManagement Disable
UnicastResponseToMulticast EnableLogging:
LogAllowedConnections Disable
LogDroppedConnections Disable
FileName %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize 4096Ok.
We've already tried the following:
- Make sure VPN server is set to the correct server - Done
- Try the diagnostic from https://<f5 server>/checkfw - Done. Same error as the BigIP Edge Client
- Hold down power button for 1 minute to do a forced unclean shutdown of laptop to clear memory - Done
- Try different WiFi network - Tried home Wifi, tried public Wifi, tried conference Wifi, tried LTE, tried iPhone Hotspot - same result
- From corporate LAN, performed a GPUpdate, and renewed my machine certificate - Done
- Sent multiple F5 Client Diagnostic reports - Done
- Performed GPUpdate myself while at The Office - Done
- Confirm that Group policy files located at C:\windows\System32\GroupPolicy are up to date - Done
- Uninstall/Reinstall F5 BigIP-Edge client - Done
- Check MFA Setup - Done
- Check Certificates - Done
Can the community offer any guidance/advice?