Forum Discussion

Nimbostratus

Apr 24, 2015

Issue with APM/ActiveSync cert auth

I'm having an issue with Certificate auth for activesync with APM. The problem seems isolated to IOS. Android devices don't seem to be having a problem. The issue is that some IOS users in the pilo...

BIG-IP Access Policy Manager (APM)

security

R_Marc

Nimbostratus

Apr 25, 2015

The _sys_APM_activesync irule apparently had some other BA specific rules which were contributing to my issues. I've removed those as well.

if { $f_insert_clientless_mode == 1 } {
            HTTP::header insert "clientless-mode" 1
            HTTP::header insert "username" $apm_username
            HTTP::header insert "password" $apm_password
}
unset f_insert_clientless_mode

That being said, if that's the issue I can see some issues with security. Those headers need to be blocked/reset on ingress.

It would assume that someone with a valid cert wanted to hack user X, so it wouldn't be an external vector, but I'm going to preempt that.

This all assumes this fixes the issue.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Issue with APM/ActiveSync cert auth

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 rSeries 4600 support 3rd Party SFP

no upload file .docx

F5 LACP

F5 BGP Peering in Active /Standby Cluster

AS3 Storage

Related Content

Regex issue

APM syslogs issues

client-initiated SSO issue

New iOS F5 Access version (3.1.0) issues

Issue on management route

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS