Bug ID 1059025: Firewall Controller in Locked mode may not work properly on macOS 12.3

Last Modified: Jun 28, 2025

Affected Product(s):
APM-Clients APM(all modules)

Known Affected Versions:
13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 15.1.3, 15.1.3.1, 15.1.4, 15.1.4.1, 15.1.5, 15.1.5.1, 15.1.6, 15.1.6.1, 15.1.7, 15.1.8, 15.1.8.1, 15.1.8.2, 15.1.9, 15.1.9.1, 15.1.10, 15.1.10.2, 15.1.10.3, 15.1.10.4, 15.1.10.5, 15.1.10.6, 16.1.2, 16.1.2.1, 16.1.2.2, 16.1.3, 16.1.3.1, 16.1.3.2, 16.1.3.3, 16.1.3.4, 16.1.3.5, 16.1.4, 16.1.4.1, 16.1.4.2, 16.1.4.3, 16.1.5, 16.1.5.1, 16.1.5.2, 16.1.6

Fixed In:
7.2.3, 7.2.2.2

Opened: Nov 01, 2021

Severity: 3-Major

Related Article: K37264030

Symptoms

Python support is deprecated with the newly released macOS version 12.3 (Monterey). The APM firewallcontrol script was written in Python, and no Python is provided in the macOS version 12.3. When a supported version of Python is not present , the firewall will not be active and the system posts the following message in /Library/Logs/F5Networks/f5fwctl.log: env: python: No such file or directory

Impact

The firewall control service does not run; it's completely blocked. This occurs because there is no Python support provided in macOS 12.3.

Conditions

-- Locked Mode is enabled in any Edge Client version. -- The client's operating system is upgraded to macOS 12.3.

Workaround

There is no direct workaround, but you can find several mitigation steps in K37264030: VPN Firewall Traffic Control Service breaks with macOS 12.3 upgrade. https://support.f5.com/csp/article/K37264030

Fix Information

This release introduces a pyinstaller executable along with the package to support the firewall controller service. Note: Compatibility is maintained for older macOS versions as well with the newly introduced mechanism.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips