Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

F5 APM Failed to download configuration


Hi . My VPN clinet showing Disconnected with failed to download configuration error . Existing setup is :


F5 AWAF VE version in front of APM . I have created LTM Virtual Server with pool member pointing to F5 APM Virtual Server . AWAF is in transparent mode currently . I tried to remove AWAF policy also but no luck .

F5 APM is running version 14.0.1 .


If i access directly from APM it is working fine . When try to access from ASM it is not working fine .


Error       HOST        CHostCtrl::OnTimer(), TUNNEL_SERVER_READY_CHECK - configuration read timed out

Error       HOST        \HostCtrl.h, CHostCtrl::Failed, Failed to download configuration (error: 0)

Error       HOST        \HostCtrl.h, CHostCtrl::Failed, Firing OnError event (message: Failed to download configuration)


Is this issue related to ciphers ?






F5 Employee
F5 Employee

Hello Omer,


When using ASM with APM, you will need to use the 'virtual' command in an iRule on the layered ASM VS to point at the APM VS.

This would not work with a pool member pointing at an APM VS due to how APM fires related to ASM in the hudchain.


Please review the following article:


K54217479: How to protect APM virtual server with ASM

Additionally, there is a little more in depth article using Brute Force Protection:


K13315545: Configuring a BIG-IP ASM virtual server to protect a BIG-IP APM login page with brute for...


Hope that helps!

Thank you for the suggestion . In my case issue was in HTTP profile . I bypassed some of pages through policy . APM and ASM are in separate boxes .