Bug ID 1034365: DTLS handshake fails with DTLS1.2 client version

Last Modified: Dec 07, 2023

Affected Product(s):
BIG-IP LTM(all modules)

Known Affected Versions:
13.1.4.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4, 15.1.0, 15.1.0.1, 15.1.0.2, 15.1.0.3, 15.1.0.4, 15.1.0.5, 15.1.1, 15.1.2, 15.1.2.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1

Fixed In:
15.1.5, 14.1.4.5, 13.1.5

Opened: Jul 19, 2021

Severity: 3-Major

Symptoms

DTLS handshake will be unsuccessful when client initiates a handshake with BIG-IP with DTLS1.2 version

Impact

DTLS handshakes can fail.

Conditions

When there is a DTLS client which supports both DTLS 1.0 and DTLS 1.2, then this problem could occur.

Workaround

If possible, force the client to use only DTLS 1.0 in the client hello negotiation.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips