Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP APM
Known Affected Versions:
12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0 HF3
Opened: Mar 24, 2014 Severity: 3-Major
There is no way to configure BIG-IP Edge Client in enforce autoconnection mode when user has no control over Edge Client.
Edge Client always has three buttons, user can override Edge Client behavior.
Edge Client is configured to be in AlwaysConnected mode. Connectivity profile has Enterprise LAN suffixes configured.
None
The BIG-IP Edge Client can be configured to respect network location awareness (NLA) settings from the connectivity profile, and disconnects the VPN when inside enterprise network, and establishes VPN when outside of enterprise network. Edge Client has no button when operating in this mode. To configure network location awareness, Edge Client should be configured as follows: 1. 'Enable Always connected mode' checked. 2. 'Traffic flow when VPN is disconnected' set to 'Allow only in enterprise LAN' or 'Always'. 3. Connectivity profile should have suffixes configured.
The BIG-IP Edge Client can be configured to respect network location awareness (NLA) settings from the connectivity profile, and disconnects the VPN when inside enterprise network, and establishes VPN when outside of enterprise network. Edge Client has no button when operating in this mode. To configure network location awareness, Edge Client should be configured as follows: 1. 'Enable Always connected mode' checked. 2. 'Traffic flow when VPN is disconnected' set to 'Allow only in enterprise LAN' or 'Always'. 3. Connectivity profile should have suffixes configured.