Last Modified: Sep 13, 2023
Affected Product(s):
APM-Clients APM
Fixed In:
13.0.1
Opened: Nov 11, 2017 Severity: 3-Major Related Article:
K11043437
F5 VPN or Edge Client may drop DTLS and use TLS if DTLS packet reordering happens. Only Mac and Linux clients are affected. Messages in svpn log indicate bad HTTP header, for example: 2017-10-18,20:20:37:764, 56666,2126506,svpn, 1, /UHTTPChannel.cpp, 414, UHTTPChannel::beginConnection(), EXCEPTION - Could not parse HTTP header.
UDP packet reordering happens at a specific point of PPP negotiation. TLS is used instead of DTLS.
-- F5 VPN or EdgeClient is used. -- Linux or Mac clients.
None.
Previously, clients connecting via F5 VPN or Edge Client on Mac or Linux using DTLS might switch to TLS if DTLS packet reordering occurred. Now, Mac and Linux Edge Clients can handle UDP packet reordering and continue to use DTLS.