Win11 F5 VPN: specified port is already open
Hello, On Windows 11 after hibernation when the device is waken up, we get the error: specified port is already open. It seems to me the VPN connection isn't killed at hibernate, and after hibernate, the client tries to restore the same VPN connection, but isn't able to, as the session has been killed in the backend. The only workaround so far is restarting rasman service, or rebooting the client. Has anybody encountered these issues? Is there a configuration issue that causes this? Thanks in advance.
No DNS when using VPN web
I have an issue where our edge client works fine, but if I have 3rd parties who are granted VPN access, when they connect to the web VPN they cannot resolve my internal DNS. I can ping by IP. when I do an NSlookup it uses my internal DNS server, but cannot resolve. I didn't think there was a difference between the edge client and web access.Limit OTP vpn session
Hi, Very new to F5 APM. and I don't know tcl, so I'm definitely looking for some expert advice here. I am aware that we have a fixed maximum session time for vpn access policy. I want an iRule for OTP users that will limit the session to two hours from when the token is generated, and then end their session. caveat: If the user waits 1 hour to use the token, their session doesn't BEGIN when they login at that point, and give them 2 hours, but rather that they only have 1 hour remaining when they login. Thank you in advance!
F5 APM Network Access route domain -- specific gateway for vpn clients
I have setup a virtual server listening on the wan for vpn requests on port 443. I have a specific vlan configured for vpn clients 10.12.200.0/23. I have created a new route domain, and i have added the vlan into the route domain. In the VPE i added route domain and selected the correct one after authentication and before advanced resource assign. I created self ips of 10.12.200.3%200 and 10.12.200.4%200 (floating). I am able to ping the gateway on the upstream switch 10.12.200.1. If i add a default route 0.0.0.0%200 0.0.0.0 10.12.200.1%200 i cant get to anything on the vpn. it hits the self ip 10.12.200.3 and stops. If i turn on proxyarp, i get full connectivity, but the vpn client disconnects almost immediately (usually between 1-10 seconds after connecting) with no log messages other than client request to disconnect vpn session in the windows logs and in the APM it just says session deleted due to user logout request. I deleted the default route and created an l4 forwarding server source 10.12.200.0%200/23 and destination 0.0.0.0%200/0 with source address translation turned off as well as address and port translation turned off and set the pool to the gateway 10.12.200.1%200. I bound this to the vlan as well as to the connection profile vlan. This also cannot get past 10.12.200.3. If i turn on proxy arp, same thing, it works perfectly for a few seconds and then abruptly disconnects. if i turn off proxy arp but set snat to automap, i can ping everything, but nothing works in browser, rdp, ssh, etc, they all just come back saying connection refused. I cannot figure out why this is failing to work. I have seen several articles about this, and I have set this up as others have suggested and have not been able to successfully route via a default route from that vlan once connected to vpn.
[APM] URL stops working , location : /my.policy?ORG_URI=1f931c35
hello Team , We have a strange issue . User is able to access the url but sometimes the url doesn't work and when he checks in developer tool it has a status code of : 302 Found. After 10-15min it starts to work without any intervention. Response Headers : Connection : close Content-Length:0 Location : /my.policy?ORIG_URI=1f931c35 We are using APM for ACL and URL filtering , so where can I find my.policy ? I did not find any logs with this id 1f931c35 in cat apm or cat ltm logs , cat pktfilter logs , cat urlfilter logs .. Kindly please advice .
