Bug ID 769853: Access Profile option to restrict connections from a single client IP is not honored for native RDP resources

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,,, 13.1.3,,,,,,, 13.1.4,, 13.1.5,, 14.0.0,,,,,, 14.0.1, 14.1.0,,,,,, 14.1.2, 15.0.0, 15.0.1

Fixed In:

Opened: Apr 06, 2019

Severity: 3-Major

Related Article: K24241590


When launching a native RDP resource (desktop/application) from APM Webtop, APM provides an RDP file to the browser and the browser invokes the native RDP client to launch the resource with the parameters specified in the RDP file. When Access profile option 'Restrict to Single Client IP' option is enabled, user should only be allowed to launch the resource from the client that initiated the request.


RDP file provided by APM can be used for launching the RDP resource on a client machine that did not initiate the APM session.


-- APM Webtop is configured with native RDP resource. -- 'Restrict to Single Client IP' option is enabled in Access Profile.



Fix Information

When Access Profile option 'Restrict to Single Client IP' is enabled, APM restricts native RDP resource launch from the client that initiated the APM session.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips