DNS resolve issues on Ubuntu 24 LTS with f5fpc
Hi, Problems connecting to vpn after upgrading to ubuntu 24.04 | DevCentral After switching to Ubuntu 24 LTS, I encountered the connection issues as described here https://community.f5.com/discussions/TechnicalForum/problems-connecting-to-vpn-after-upgrading-to-ubuntu-24-04/329549 . Applying the fix symlinking /etc/resolv.conf made things work partly. What I am seeing is that, after connecting with f5fpc, /etc/resolv.conf contains the two nameservers of my vpn domain (great), but also still my local lan nameserver (192.168.1.1 , not so great). This makes that about 1 in 3 DNS requests for hosts on the vpn side fail. $ cat /etc/resolv.conf 17 │ nameserver 192.168.20.2 18 │ nameserver 192.168.20.25 19 │ nameserver 192.168.1.1 20 │ search . Any ideas what could be causing this ?Need to log the VPN Pool IP Address on the Edge Firewall Logs
Dears Greeting I am Using the F5 APM as a VPN Solution On the Edge Firewall Logs i can see ONLY the SELF IP Addresses and NOT the the Assigned VPN Pool IP Address that is configured under the Network Access Profile on the APM Config, I am Using a One Arm Deployment When i am try to remove the SNAT from the Virtual Server , and Network Access Profile on the APM interchangeably and with each other , I cannot reach the services
[Workaound] User required to manually start EPI and VPN in browsers
After upgrading to version 16.1.4 the users need to manually start the End Point Inspector and the Web Initiated VPN by clicking on a "Start" button. This is describe in this KB. I created a user-common.js that will automatically click on the start button for the user. However, please note that this workround works as of 3rd of November 2023, but might stop working in the future in different browsers. In order to activate the workaround you need to have an Access Policy of the Moden type. Then go to Customizations -> Advanced -> Acces Profiles -> <Your Access Profile> -> Common Add the followinf to the file user-common.js define(["require", "exports", "apmui"], function (require, exports, apmui_1) { "use strict"; Object.defineProperty(exports, "__esModule", { value: true }); var app = apmui_1.App.get(); app.subscribe(apmui_1.EventType.EPS_CHECK_PROGRESS, function (_, store) { var btns = document.getElementsByClassName("apmui-button"); if (btns.length == 0) { console.log("Failed to find button..."); return; } btns[0].click(); }); app.subscribe(apmui_1.EventType.DIALOG_OPEN, function (_, store) { setTimeout(function () { var dialog = document.getElementById("sna_auto_start_not_supported"); if (dialog == null) { console.log("Didn't find the right dialog"); return; } var btns = dialog.getElementsByClassName("apmui-button"); if (btns.length == 0) { console.log("Didn't find the start button"); return; } btns[0].click(); }, 100); }); }); If you have a better solution to this, please let me know. This was just what I came up with when asked by customers that the new "Start" button had created confusion among their users.
cant access to management interface after vpn using apm established
i had configured network access vpn using APM module, i tried to split tunneling the network of my management access, but unfortunately when the vpn established i cant connect to my f5 management interface. i tried to add VS with my pool member is my f5 management ip address, where VS ip address is 1 network with my VPN user, the service is https, and the pool member is my f5 management ip address with service port is 443. and then the result is i can ping my VS but i cant connect to my VS which have the pool member is my f5 management ip address with port 443 any idea how can i access to my F5 after vpn using APM established? really appreciate your help thank youDomain was fixed in Internet Security on Internet Explorer (IE)
How it possible to edit the domain in Internet Security when it's prompt as this image below example image I has set the F5 APM to fixed the domain name, using Variable Resource Assign expr { "[mcget {session.ad.last.actualdomain}]\\[mcget {session.logon.last.username}]" } I try with Chrome, Firefox so it's work well, but in IE have fixed the Domain for each PC. For my guess, I think the behavior of Chrome and Firefox will be like Username : username Password : password after we input the information above the Variable Resource Assign will automatically add the domain to be the domain\username . On the other hand, the result of IE (that browser fix domain) will be like RINGWORLD\domain\username that will make authentication abort. My idea is to check the browser type, if the client use IE -> the F5 APM will remove the domain that fixed from the browser. Finally, I am not sure that it's possible to do it like this way or someone can give me a better solution. -F5 APM with Version 12.1.2 HF1 -IE Version 11 -F5 SSL VPN Thank you very much
