Hi . My VPN clinet showing Disconnected with failed to download configuration error . Existing setup is :
F5 AWAF VE version 18.104.22.168 in front of APM . I have created LTM Virtual Server with pool member pointing to F5 APM Virtual Server . AWAF is in transparent mode currently . I tried to remove AWAF policy also but no luck .
F5 APM is running version 14.0.1 .
If i access directly from APM it is working fine . When try to access from ASM it is not working fine .
Error HOST CHostCtrl::OnTimer(), TUNNEL_SERVER_READY_CHECK - configuration read timed out
Error HOST \HostCtrl.h, CHostCtrl::Failed, Failed to download configuration (error: 0)
Error HOST \HostCtrl.h, CHostCtrl::Failed, Firing OnError event (message: Failed to download configuration)
Is this issue related to ciphers ?
When using ASM with APM, you will need to use the 'virtual' command in an iRule on the layered ASM VS to point at the APM VS.
This would not work with a pool member pointing at an APM VS due to how APM fires related to ASM in the hudchain.
Please review the following article:
Additionally, there is a little more in depth article using Brute Force Protection:
Hope that helps!