Bug ID 484847: DTLS cannot be disabled on Edge Client for troubleshooting purposes

Last Modified: Nov 07, 2022

Affected Product:
BIG-IP APM (all modules)

Known Affected Versions:
11.4.0, 11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3

Fixed In:
12.0.0, 11.6.0 HF4, 11.5.3, 11.4.1 HF9

Opened: Oct 16, 2014
Severity: 3-Major

Symptoms

There is no client-side option to disable DTLS. This option can be very useful in troubleshooting client connectivity issues.

Impact

Troubleshooting connectivity issues becomes difficult.

Conditions

It is required to debug DTLS versus TLS connections.

Workaround

Disable DTLS on the server side.

Fix Information

Now you can add new registry keys and use them to disable DTLS on both BIG-IP Edge Client and browsers. Using these keys, you can disable DTLS on a particular client without changing the BIG-IP system configuration.

To disable DTLS on a client machine, create a registry DWORD value (both keys are valid on both x64 and x86 systems):

HKEY_LOCAL_MACHINE\Software\F5 Networks\RemoteAccess\EnableDTLSTransport

or

HKEY_CURRENT_USER\Software\F5 Networks\RemoteAccess\EnableDTLSTransport

and set it to 0.
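The registry change described above, as an added PowerShell example (not F5 code) that sets the override, reports its state in both hives, and removes it once troubleshooting is done so the client is not left on TLS only. The function names are hypothetical, and the removal step assumes that a client with no EnableDTLSTransport value behaves as it did before the override was set.

```powershell
# Added example, not F5 code. Key path and value name come from the fix text above.
$SubKey    = 'Software\F5 Networks\RemoteAccess'
$ValueName = 'EnableDTLSTransport'

function Get-DtlsOverride {
    # Report the override in both hives; Value is $null when it is not present.
    foreach ($hive in 'HKLM', 'HKCU') {
        $item = Get-ItemProperty -Path "${hive}:\$SubKey" -Name $ValueName `
                    -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Hive  = $hive
            Value = if ($item) { $item.$ValueName } else { $null }
        }
    }
}

function Disable-Dtls {
    # HKLM needs an elevated session; HKCU affects only the current user.
    param([ValidateSet('HKLM', 'HKCU')][string]$Hive = 'HKCU')
    $path = "${Hive}:\$SubKey"
    if (-not (Test-Path -Path $path)) {
        New-Item -Path $path -Force | Out-Null   # also creates missing parent keys
    }
    New-ItemProperty -Path $path -Name $ValueName -PropertyType DWord `
        -Value 0 -Force | Out-Null
}

function Remove-DtlsOverride {
    # Assumption: with the value absent, the client behaves as it did
    # before the override was set.
    param([ValidateSet('HKLM', 'HKCU')][string]$Hive = 'HKCU')
    Remove-ItemProperty -Path "${Hive}:\$SubKey" -Name $ValueName `
        -ErrorAction SilentlyContinue
}

# Troubleshooting session: disable for the current user and confirm.
Disable-Dtls -Hive HKCU
Get-DtlsOverride | Format-Table -AutoSize

# After testing, remove the override and confirm neither hive still carries it.
Remove-DtlsOverride -Hive HKCU
Get-DtlsOverride | Format-Table -AutoSize
```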

Behavior Change