Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

cpmortimer_1356's avatar
cpmortimer_1356
Icon for Nimbostratus rankNimbostratus
Oct 15, 2013

F5 SSL VPN Certificate Based Authentication on Android

Hi,   I am trying to get our Big IP v11.3 appliance working for certificate based client authentication for VPN connections. I am deploying certificates to mobile devices using the AirWatch EMM so...
BIG-IP Access Policy Manager (APM)
security
Matt_Dierick's avatar
Matt_Dierick
Icon for Employee rankEmployee
Oct 15, 2013

To retrieve logs from APM : tail -f /var/log/apm From LTM : tail -f /var/log/ltm Run the command line first, and launch your client after.

 

For client cert validation, create a client SSL profile, in LTM, with "Require" client certificate. Import your CA and CRL if needed. In APM, create a policy with "client cert inspection" if you wants to retrieve information from the certificate. But it's not mandatory. LTM has already validated the certificate.

 

For a dynamic CRL inspection, you can use CRLDP ou OCSP in APM.

 

Hope this help.