Last Modified: Jan 15, 2026
Affected Product(s):
BIG-IP PEM
Known Affected Versions:
15.1.10.8, 16.1.6.1, 17.1.3, 21.0.0
Opened: Dec 23, 2025 Severity: 4-Minor
TCP fingerprinting tethering detection does not work when a subscriber's traffic comes from a tethering Mac OS system.
Tethering from a MacOS operating system is never detected.
- PEM tethering detection, is configured in a PEM policy rule like this one: pem policy policy-01 { rules { detect-01 { dtos-tethering { dtos-detect enabled report { dest { hsl { publisher default-ipsec-log-publisher } } } tethering-detect enabled } precedence 1000 } } transactional enabled } - The subscriber connects through a Windows, Android or IoS phone, and the phone OS is recognised in the PEM "Device OS" PEM session field, for example: Device Name Nokia_Corporation-Nokia_Lumia_710 Device OS Windows_Mobile_8 - An iRule to detect tethering is configured in the relevant virtual server, for example: ltm rule tethering-detection { when CLIENT_ACCEPTED { set ip [IP::client_addr] set tether [PEM::session info tethering detected $ip] if {$tether eq "1"} { log local0. "Tethering detected !" } else { log local0. "no tethering detected" } } } - The subscriber is tethering through the phone using a MacOS operating system.
None
None