Forum Discussion

Nimbostratus

Jan 28, 2019

Remote Desktop Web Access & APM

We have recently built a RDS solution and have put BIG-IP LTM infront of the web access server (which is also the gateway & connection server). I have two iApp built HTTP virtual servers current...

application delivery

BIG-IP Access Policy Manager (APM)

LTM

rds

rivardma_383867

Nimbostratus

Feb 15, 2019

Hi,

We also have that same trouble here currently, using Big-IP 13.1.0 and Remote Desktop on a set of 2019 Servers. We can easily create the Virtual Server/Pool/Node setup and then, we can successfully use the Remote Desktop Environment, either by using the HTML5 client or a RDP client.

However, when we create an Application Security Policy (Brand new simple policy, setup as transparent) and apply it the the virtual server, connection immediatly stops working. As it is non-blocking, this should in theory work perfectly fine.

There seems to be an issue with code injection in the HTTPS traffic as described in these posts:

https://devcentral.f5.com/questions/do-anyone-know-which-feature-in-asm-module-inject-these-scripts-and-how-to-change-it-

https://devcentral.f5.com/questions/how-transparent-is-transparent-mode-in-asm

My first guess looks like that Remote Desktop detects the changes and starts refusing the packets because they are altered. I did go around the system and deactivate all the features mentionned in those posts (Most of them where already off, there was one on but I can't remember which one) but none changed the end result.

rivardma_383867

Nimbostratus

Feb 15, 2019

We also found this yesterady that seems to point that if your servers are not running on Server 2012 R2 and lower, they are not supported, although it isn't clear if it is through the Application Security or through the Web Access feature in the Big-IP:

https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-clientcompatmatrix-12-1-3.html

We are currently working on starting a service request with F5 to have this checked out. We'll post updates here when we have some, but in the meantime, if someone here has a solution or can confirm this will never work, it would be appreciated.

Thanks

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Remote Desktop Web Access & APM

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

SSO login for APM Profiles

LTM issue Openning new web browser tab

SFP Port LEDs Blinking Yellow

Can F5 restrict the file types transferred via FTP?

Kerberos Authentication Failing for Exchange 2016 Behind F5 Cloud WAF

Related Content

Two-Factor Authentication – Remote Desktop Gateway

Remote Desktop Protocol (RDP) using an SSL VPN

Remote Desktop Web Access and Remote Desktop Gateway SSO Through APM

EC certificate breaks remote desktop

Hitting the Easy Button: Securing the Remote Desktop on F5 BIG-IP APM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS