F5 BIG-IP Edge Client - Firewall Check Failed

Hi - I have been having the same problem for 2 months. 

Windows 10 Version 22H2

HP ZBook Fury 15.6 inch G8 Mobile Workstation PC

BigIP Edge Client 7241,2023,331,1108

Firewall check fails when trying to connect. I get this e-mail from the system:

From: admin@xxxxxxxxxxxxxxxxxxxxx 
Sent: Thursday, 1 August, 2024 11:21 AM
To: xxxxxxxxxxxxxxxxxxxx
Subject: Failed VPN Login - Session ID xxxxxxxxxxxxxxxx

 

Hello, You are receiving this email after failing to successfully connect to the Remote Access VPN Service. Please contact Local IT if you require assistance and they will help you to resolve your issue. The information below is to be recorded on any Service Now or Support Desk tickets to assist in troubleshooting errors. Session ID = xxxxxxxxxxxx Machine Certificate Check Result = 1 AD Query Result = 1 AD Auth Result = 1 MFA Authentication Result = 1 Firewall Check Result = 0 We were unable to detect an installed and running firewall on your device. AntiVirus Check Result = AD Groups Membership

F5 Diagnostics says:

2024-08-01, 9:36:11:678, 5080,12232,UNINSTALL, 48, , 373, ReportGenerator::GetOpswatEndPointInspectionLogs, OPSWAT Result: , {
    "runs": [
        {
            "api": "3",
            "expression": "type=fw&collect= 1",
            "expression_parsed": {
                "Firewall software Check": ""
            },
            "=": "===========================================================",
            "+": "=====================Firewall software Check==========================",
            "_": "===========================================================",
            "result_parsed": {
                "result": "0",
                "state": "0",
                "sdk": "4.3.2711.0",
                "engine": "4.3.3969.0",
                "count": "2",
                "id1": "6015",
                "vendor_id1": "6",
                "version1": "10.0.19041.4291",
                "name1": "Microsoft Windows Firewall",
                "vendor_name1": "Microsoft Corp.",
                "state1": "0",
                "id2": "492000",
                "vendor_id2": "492",
                "version2": "7.13.18308.0",
                "name2": "CrowdStrike Falcon",
                "vendor_name2": "CrowdStrike, Inc.",
                "state2": "0"
            }
        },

This is quite strange as the firewalls are definitely running:

Microsoft Windows [Version 10.0.19045.4651]
(c) Microsoft Corporation. All rights reserved.

C:\Users\jogoldberg>netsh advfirewall show all

Domain Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Disable
FileName                              %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize                           4096

Private Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Disable
FileName                              %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize                           4096

Public Profile Settings:
----------------------------------------------------------------------
State                                 ON
Firewall Policy                       BlockInbound,AllowOutbound
LocalFirewallRules                    N/A (GPO-store only)
LocalConSecRules                      N/A (GPO-store only)
InboundUserNotification               Enable
RemoteManagement                      Disable
UnicastResponseToMulticast            Enable

Logging:
LogAllowedConnections                 Disable
LogDroppedConnections                 Disable
FileName                              %systemroot%\system32\LogFiles\Firewall\pfirewall.log
MaxFileSize                           4096

Ok.

We've already tried the following:

1. Make sure VPN server is set to the correct server - Done
2. Try the diagnostic from https://<f5 server>/checkfw - Done. Same error as the BigIP Edge Client
3. Hold down power button for 1 minute to do a forced unclean shutdown of laptop to clear memory - Done
4. Try different WiFi network - Tried home Wifi, tried public Wifi, tried conference Wifi, tried LTE, tried iPhone Hotspot - same result
5. From corporate LAN, performed a GPUpdate, and renewed my machine certificate - Done
6. Sent multiple F5 Client Diagnostic reports - Done
7. Performed GPUpdate myself while at The Office - Done
8. Confirm that Group policy files located at C:\windows\System32\GroupPolicy are up to date - Done
9. Uninstall/Reinstall F5 BigIP-Edge client - Done
10. Check MFA Setup - Done
11. Check Certificates - Done

Can the community offer any guidance/advice?