Bug ID 862641: In Always Connected locked mode, Stonewall service does not block traffic when integrated IP filtering engine is enabled and the VPN disconnects.

Last Modified: Apr 28, 2025

Affected Product(s):
APM-Clients TMOS(all modules)

Fixed In:
7.1.8.3

Opened: Dec 16, 2019

Severity: 3-Major

Symptoms

- When the integrated IP filtering engine is enabled and the VPN disconnects in Always Connected + Block Traffic mode, the Stonewall service does not block traffic. - User has unrestricted internet access.

Impact

- User has unrestricted internet access even when VPN is not connected.

Conditions

- Integrated IP filtering engine setting enabled in Network Access settings. - Connected VPN disconnects and Access Policy is executed again for a new session.

Workaround

- Restart Stonewall service after the issue occurs.

Fix Information

- Stonewall service blocks all internet traffic until user connects to VPN.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips