Applies To:
Show VersionsBIG-IP APM
- 14.0.1, 14.0.0, 13.1.3, 13.1.1, 13.1.0
Summary:
Version 7.1.6.1 of the Edge Client is now available on downloads.f5.com.
Contents:
User documentation for this release
For a comprehensive list of documentation that is relevant to this release, refer to the following pages:
Features and enhancements in 7.1.6.1
Features and Enhancements in 7.1.6.1
There are no features or enhancements in this version.
Features and Enhancements in 7.1.6
Client Troubleshooting Utility logging: The Client Troubleshooting Utility can now collect all service and user logs in a single run. Previously, to collect troubleshooting logs, the user had to run the utility twice, once as a user, and the second time as an administrator.
This version of the Client Troubleshooting Utility prompts the user to escalate privileges and collects all the logs in a single run.
Network Location Awareness: The usability of the Network Location Awareness feature has been improved in an Always Connected configuration, Network connectivity is enabled only when the user is connected to the Enterprise LAN, either directly or through the VPN. Previously, a running instance of Edge Client was required for the network location to be detected. Now a running instance of Edge client is not required. Also, this mode works even when the user is not logged onto the machine.
Connection Startup Time: Initial loading and connection time for Edge Client connections with limited bandwidth has been significantly improved, by reducing the number of pre-connection resource requests (691777).
Fixes in 7.1.6.1
Fixes in 7.1.6.1
ID Number | Description |
---|---|
655209 | Previously, on Linux, configured applications launched with root permissions when the VPN connection was established. Now, configured applications launch with user privileges. |
686718-5 | Previously, in some cases the VPN tunnel adapter created by the VPN client stayed up even when the tunnel was disconnected. The tunnel adapter is now closed on VPN termination, even when Application launch is configured. |
702873-1 | Previously, the Windows Logon Integration feature sometimes caused the Windows Logon screen to freeze. Now, this issue has been fixed. As a side effect of the fix, the Logon screen now shows duplicates of the pre-logon VPN Entries, which might be confusing for users. One duplicate comes from the Microsoft Credentials Provider. To disable the default Microsoft Credentials Provider see https://social.technet.microsoft.com/Forums/windows/en-US/9c23976a-3e2b-4b71-9f19-83ee3df0848b/how-to-disable-additional-credential-providers?forum=w8itprosecurity. |
703984-4 | On MacOS, the Machine Cert check previously checked only the beginnings of the client hostname and cert SAN. Now, the Machine Cert check checks the full strings. |
704535-1 | F5 VPN and F5 EPI now properly consume data processed by Chrome 64+. Because earlier versions of F5 VPN or F5 EPI do not work properly with Chrome 64+ browser, you must launch applications out-of-band (by standalone installer), or by launching F5 VPN/F5 EPI from another browser (such as Firefox or Edge). |
705208-1 | Previously, Edge Client on Windows was unable to establish a VPN connection after SAML authentication. Now, Edge Client can now successfully establish a VPN connection after SAML authentication. |
707738-1 | Previously, a Network Access connection could not be established on Windows 10 RS4. This has been fixed. |
710407-2 | Previously, the F5 VPN and F5 EPI apps would quit on Linux distributions with Qt version 5.10.1 or higher. This has been fixed. |
Fixes in 7.1.6
ID Number | Description |
---|---|
668247 | Previously, on Windows, the Machine Certificate service was not used when UAC was disabled. Now, the Machine Certificate is used even when UAC is disabled. |
670926 | Previously a user with Firefox 54 or 55 on Fedora 24 or 25 could not establish a session to APM if endpoint checks were configured. This is fixed in Firefox 58. |
695409 | Previously, after the client upgrade from 13.0.0 to a later version, all users running FireFox or Chrome browsers on Windows were asked to re-install the Endpoint Inspector Application. Now, this issue has been fixed. |
671517 | Previously the incorrect language text was displayed in the main window of the Edge Client for macOS when the Disconnected button was clicked. This has been fixed. |
676690 | Previously, in some instances, the Edge Client on Windows would crash when the user signed out of Windows. This has been fixed. |
679074 | Previously, if the Allow Local DNS options was enabled, and only one DNS server was specified on a macOS High Sierra client, the VPN tunnel could not be established. This has been fixed. |
686206 | Previously, Machine Info agent did not collect information for disconnected network adapters on Mac OS X or Windows clients. The Machine Info now collects information on these adapters. |
687213 | Previously, in Always Connected mode, when Edge Client could not connect to APM, it switched to Always Disconnected mode, and did not retry the VPN connection. Now, when APM fails, Edge Client remains in Always Connected mode for locked clients, so the VPN tunnels can be established when the APM machine becomes available. |
689826 | Previously, on a Windows 10 system configured for a Unicode language (for example, Japanese, Korean, or Chinese) the client proxy autoconfig file was not assigned with Internet Explorer after the VPN connection was established. This issue has been fixed. |
691546 | Previously, DTLS would switch to TLS on networks with high latency. The internal DTLS timeout has been increased allowing DTLS to work on networks with latency of up to 3000ms. |
691808 | Previously, the launching of application tunnels to hosts with names beginning with a digit would fail. Now, application tunnels to such hosts do not fail. |
693994 | Previously, Edge Clients on Mac or Linux using DTLS might switch to TLS if DTLS packet reordering occurred. Now, Mac and Linux Edge Clients can handle UDP packet reordering and continue to use DTLS. |
694852 | Previously, F5 helper apps could not start with Firefox 56. The Firefox 57 update has resolved this issue. |
700783 | Previously, with a macOS system that had multiple hostnames, the machine certificate check could not check against all hostnames, causing failures in some scenarios. Now, the machine certificate check compares all hostnames on macOS devices. |
Known issues in 7.1.6.1
The following are known issues in this release.
ID Number | Description |
---|---|
590291 | The new web client depends on Qt library version 5.5. On some Linux distributions, this version may not be available in standard repositories. Web client installation fails on such distributions. As a workaround, download and install the required qt library from the non-standard repository. Then build and install required Qt library on the distribution before installing the web client. |
610436 | DNS resolution does not work in a particular case of DNS Relay Proxy Service, when two adapters have the same DNS Server address on Microsoft Windows version 10. To work around this issue, add the following registry key: HKLM\SOFTWARE\Policies\Microsoft\Windows NT\DnsClient with DWORD EnableMultiHomedRouteConflicts set to 0.This reverts the Windows DNS client behavior to pre-Windows 10 behavior, so the DNS relay proxy creates listeners on loopback for incoming requests, and the driver redirects DNS requests to the listener on the loopback. Important: Use extreme care when editing Windows registry keys. Incorrect modification of keys might cause unexpected behavior.
|
630062 | gnome-software returns the error This file is not supported for F5VPN and F5EPI RPMs on Fedora 25. As a workaround, open the Terminal application. From the command line run either of the following commands: - pkgcon install-local -y -n /path/to/rpm/package. - dnf install /path/to/rpm/package |
666497 | Some of the Korean translations in Microsoft Windows Edge Client's main windows are incorrect. |
681023 | F5 endpoint inspection and F5 VPN applications are not upgraded automatically on OpenSuse 42.3 and Suse Enterprise Desktop 12 SP2. As a workaround, with the F5 EPI or F5 VPN downloads linux_f5epi.tgz or linux_f5vpn.tgz in the platform's download folder.
|
681281 | On Fedora 26, after disconnecting from the VPN, the default route is not restored. As a workaround, disable and re-enable the network adapter. |
681956 | If a user disconnects from the VPN while there is no connectivity on a statically-configured network adapter, and network connectivity is then restored to that adapter after the disconnection, the default route is not restored. As a workaround, you can either manually add a default route to the network adapter gateway, or enable DHCP on the network adapter. |
683439 | On Windows 10 RS3 update or higher, if drive Mapping is configured in a Network Access resource, and that drive mapping resource doesn't require authentication, the drive mapping fails. As a workaround, enable authentication for the remote drive. |
683819 | When Edge Client is installed using the CLI or msiexec, the following config parameters are not installed.
|
689398 | After installing KB4041681 or KB4041691 from Windows Update, package users may see an error dialog that indicates that an application exception has occurred when closing some applications. This can affect applications that use mshtml.dll to load web content. The failure only occurs when a process is already shutting down and will not impact application functionality. As a workaround, uninstall KB4041681 (Windows 7) or KB4041691 (Windows 10). |
699330 | On a fedora 27 client, f5vpn and f5epi crash upon start, causing VPN and endpoint check features to be unavailable. The user cannot use the browser to establish a VPN connection or for endpoint checks. "As a workaround, download the patchelf utility and issue the following commands. For the endpoint inspection app: sudo patchelf --remove-needed libssl.so.1.0.0 /opt/f5/epi/f5epi sudo patchelf --remove-needed libcrypto.so.1.0.0 /opt/f5/epi/f5epi for the F5 VPN app: sudo patchelf --remove-needed libssl.so.1.0.0 /opt/f5/vpn/f5vpn sudo patchelf --remove-needed libcrypto.so.1.0.0 /opt/f5/vpn/f5vpn |
699970 | On macOS Sierra, the Edge Client system tray drop-down menu doesn't appear when another application is in fullscreen mode. |
700770 | When hosts and IP addresses are added manually to the registry exclusion list for Network Location Awareness Always Connected Mode, after uninstall of the client, they are deleted. After the client is reinstalled, those exclusions must be added again. |
700960 | On Ubuntu 17.10, after disconnecting from the VPN, the default route is not restored. As a workaround, disable and re-enable the network adapter to restore the connectivity. Alternatively, after an indeterminate period, the route is restored. |
703984 | The Machine Cert check improperly matches the hostname with CN and SAN. The option Match CN with FQDN should match the certificate's CN with the exact FQDN, but this option currently identifies the CN as a match with the FQDN even if only the initial characters of the FQDN match the CN. The option Match subject Alt Name with FQDN exhibits the same behavior, incorrectly matching the SAN with the FQDN even if only the initial characters match. |
Contacting F5 Networks
Phone - North America: | 1-888-882-7535 or (206) 272-6500 |
Phone - Outside North America, Universal Toll-Free: | +800 11 ASK 4 F5 or (800 11275 435) |
Fax: | See Regional Support for your area. |
Web: | https://support.f5.com/csp/home |
Email: | support@f5.com |
For additional information, please visit http://www.f5.com.
Additional resources
You can find additional support resources and technical documentation through a variety of sources.
- The F5 Networks Technical Support web site: https://f5.com/support
- The AskF5 web site: https://support.f5.com/csp/home
- The F5 DevCentral web site: https://devcentral.f5.com/
- AskF5 Publication Preference Center: https://interact.f5.com/AskF5-SubscriptionCenter.html
F5 Networks Technical Support
Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.
AskF5
AskF5 is your storehouse for thousands of knowledgebase articles that help you manage your F5 products more effectively. Whether you want to browse periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.
F5 DevCentral
The F5 DevCentral community helps you get more from F5 products and technologies. You can connect with user groups, learn about the latest F5 tools, and discuss F5 products and technology.
AskF5 Publication Preference Center
To subscribe, click AskF5 Publication Preference Center, enter your email address, select the publications you want, and click the Submit button. You will receive a confirmation email. You can unsubscribe at any time by clicking the Unsubscribe link at the bottom of the email, or on the AskF5 Publication Preference Center screen.
- TechNews Weekly eNewsletters: Up-to-date information about product and hotfix releases, new and updated articles, and new feature notices.
- TechNews Notifications: Periodic plain text TechNews, sent any time F5 releases a product or hotfix. (This information is always included in the next weekly HTML TechNews email.)
- Security Alerts: Timely security updates and ASM attack signature updates from F5.