Last Modified: Oct 22, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
17.5.1, 17.5.1.2, 17.5.1.3
Opened: Sep 04, 2025 Severity: 2-Critical
When the Access policy is configured in a route domain using "Route Domain and SNAT Selection" agent, and the virtual server is not configured in any route domain, VPN connection can fail with the error "iSession: Connection error: isession_handle_syn:3740: No peer:4". This is applicable only for Windows-based Edge clients and Browser clients.
VPN connection may fail
1. Windows client is used 2. Only Access policy is configured in route domain 3. User tries to establish VPN connection
Any of the following workarounds can be applied: -- Configure route domain with parent as default route domain. -- Disable ipv6 using "tmsh modify sys db ipv6.enabled value false" -- tmsh modify sys db isession.ctrl.apm value disable
None