Last Modified: Apr 28, 2025
Affected Product(s):
APM-Clients TMOS
Known Affected Versions:
7.1.6, 7.1.6.1, 7.1.7, 7.1.7.1, 7.1.7.2
Fixed In:
7.1.8
Opened: Jul 26, 2018 Severity: 3-Major
- One of the configured endpoint checks may fail while using Windows Edge client. - User sees Access Denied page. - Client side log file f5InspHostCtrl.txt will log such entries when a client side check cannot be sent to the BIG-IP: 2017-07-21, 7:35:51:419, 11568,2940,, 1, \UXMLAgentParser.h, 415, UXMLAgentParserImpl::Parse, Parsing error 0xffffffffc00ce558 (XML document must have a top level element. ) on line 0, position 0 2017-07-21, 7:35:51:419, 11568,2940,, 1, \UXMLAgentParser.h, 419, UXMLAgentParserImpl::Parse, invalid line 2017-07-21, 7:35:51:419, 11568,2940,, 48, \UXMLAgentParser.h, 420, UXMLAgentParserImpl::Parse, 2017-07-21, 7:35:51:419, 11568,2940,, 1, , 0, , EXCEPTION - UXMLAgentParserImpl::Parse() - pParsingErr != NULL
- User sees Access Denied page the first time this issue happens. - User must click Cancel on the logon window and click connect again.
While the issue is intermittent there are certain cases where it can be seen more often. The conditions are as follows: -- One or more endpoint checks configured in the policy -- User connects to VPN the first time and then disconnects. Then immediately, within a few seconds, clicks Connect on the same running instance of Edge Client. Or, the user clicks Connect and some network event happens (connection going down, another network adapter being connected etc) triggering captive portal detection at the same time the policy is being evaluated.
- Disable captive portal detection (https://support.f5.com/csp/article/K14766)
None