Forum Discussion
Mike_Ho
Cirrus
CirrusInstalled HF603 2.1.1 and controller list changed
I installed the hotfix rollup for 6.0.3 Sunday which went smoothly.
We have a broad deployment of the F5 Networks VPN Client which generally works very well.
When I ran the client after applying the hotfix it downloaded updates, since I have the following settings enabled for the client:
Automatically Update Components
Dynamically Download Session Settings During Logon
Now to my problems -
1) After updating, a host was added to the "Firepass Controller List" which I have not configured in the "customize client components" configuration section.
2) The client apparently automatically connects to this new host after updating, and users get an error. Why? Because my pre-logon inspection does not allow connections to the base URI of the server.
How can I prevent the F5 Networks VPN Client from adding entries to the Controller List when I have not configured them in the client configuration?
Why does it try to log on to the newly added controller after updating?
For example
For example, say my client has the following controllers configured:
https://foobar.domain.com/vpn1
https://foobar.domain.com/vpn2
https://bozboo.domain.com/vpn1
. . .
When the updates occur they are retrieved from (say) https://bozboo.domain.com/ and then a new entry is created in the controller list for "https://bozboo.domain.com/" and after updating the client tries connecting there and errors out since I don't allow logons to "https://bozboo.domain.com/" but instead require one of a set of landings.
Thoughts?
3 Replies
mal_57091Nimbostratus
Hi There,
Under Device Management -> Client Downloads -> Windows (x86) -> Customize Client Components (tab) is the new host listed here? If so, delete it if its not needed.
Also, on this same page, if you scroll all the way down to the bottom there is an option called "Dynamically Download Session Settings During Logon". If this is ticked in then it really doesn't matter what is configured on the FirePass client as it will be overriden by whats on the FirePass so you may want to check this out also.
Cheers,
Mal
Mike_HoHiya Mal!Posted By mal on 05/12/2009 5:59 AM
Hi There,
Under Device Management -> Client Downloads -> Windows (x86) -> Customize Client Components (tab) is the new host listed here? If so, delete it if its not needed.
No it is not listed there.
Also, on this same page, if you scroll all the way down to the bottom there is an option called "Dynamically Download Session Settings During Logon". If this is ticked in then it really doesn't matter what is configured on the FirePass client as it will be overriden by whats on the FirePass so you may want to check this out also.
Cheers,
Mal
Yes I do have that box checked. I was under the assumption that would keep the client controller list "synched" with the list I have configured on each Firepass, which is why I'm confused that one got added for me by the update.- Mike_HoMy users are seeing this too, so it's not just one client install that got munged. I have a case open with F5 and hopefully they will help me find a way to prevent this. I have gotten a TON of calls from users about the udpate -> error -> new "default" controller added to the list.
![\"F5](\"https://www.f5.com/content/dam/f5/f5-logo.svg\"){kind=logo}
