Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP APM
Known Affected Versions:
13.1.1, 13.1.1.2, 13.1.1.3, 13.1.1.4, 13.1.1.5, 13.1.3, 13.1.3.1, 13.1.3.2, 13.1.3.3, 13.1.3.4, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 13.1.5, 13.1.5.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1, 14.1.0, 14.1.0.1, 14.1.0.2, 14.1.0.3, 14.1.0.5, 14.1.0.6, 14.1.2, 14.1.2.1, 14.1.2.2, 14.1.2.3, 14.1.2.4, 14.1.2.5, 14.1.2.6, 14.1.2.7, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5, 14.1.4.6, 14.1.5, 14.1.5.1, 14.1.5.2, 14.1.5.3, 14.1.5.4, 14.1.5.6, 15.0.0, 15.0.1, 15.0.1.1, 15.0.1.2, 15.0.1.3, 15.0.1.4
Fixed In:
16.0.0
Opened: Apr 30, 2019 Severity: 3-Major
The GUI allows an admin to enter an IP address in DNS Address Space fields. This causes an exception and prevents the Edge Client from connecting when using machine tunnels.
Machine Tunnels fail to connect when DNS Address Space is configured, and although the log message written on the client is helpful in resolving the issue, the misconfiguration should not be allowed.
The UI accepts an IP Address as valid input, when it should not. If the network access profile is used for the Edge Client, the network works as expected, so essentially the Edge Client ignore the invalid configuration. However, if the same network access profile is used for a Machine Tunnel, the Machine Tunnel creates an exception and the VPN does not load.
Remove the IP address in DNS Address Space field.
Validation was added to prevent IP addresses from being added to DNS Address Space and DNS Exclude Address Space.