Applies To:
Show Versions
BIG-IP APM
- 17.1.0, 17.0.0, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0, 15.1.10, 15.1.9, 15.1.8, 15.1.7, 15.1.6, 15.1.5, 15.1.4, 15.1.3, 15.1.2, 15.1.1, 15.1.0, 15.0.1, 15.0.0, 14.1.5, 14.1.4, 14.1.3, 14.1.2, 14.1.0, 14.0.1, 14.0.0, 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Summary:
BIG-IP Edge Client establishes secure communications to applications and networks. It provides users with full access to IP-based applications, resources, and intranet files as if they were physically working on the office network.
The Edge Client version 7.2.2 is now available on downloads.f5.com (Under the APM Clients container).
Contents:
User documentation for this release
For a comprehensive list of documentation that is relevant to this release, refer to the following pages:
Features and enhancements in 7.2.2
- Edge Client support for the Windows 10 and Windows 11 running on ARM
- With this release, the Edge client supports Windows 10 and Windows 11 on ARM64 devices. You do not need to update the server to use Edge Client on Windows ARM. However, support for Edge Client installation package creation for ARM64 on BIG-IP would be available in the upcoming BIG-IP version 17.0.0 or higher releases. If you plan to migrate to ARM64 with Edge Client 7.2.2 version, you would need to patch your current BIG-IP version. To produce an installer for ARM64 on older versions of BIG-IP, contact F5 support for assistance.
- TLS 1.3 Support
-
With this release, Edge Client supports Transport Layer Security (TLS) protocol version 1.3 on Windows, macOS, and Linux operating systems. TLS 1.3 is auto-enabled on macOS and Linux.
To enable TLS 1.3 on Windows 10 1903 Version 10.0.18362.116 or later, perform the following steps:
- Open Internet Options, click the Advanced tab and select the Use TLS 1.3 (experimental) check box. Click OK.
- Using registry editor, navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.3\Client folder and edit the following REG_DWORD values:
- set the "DisabledByDefault" value to 0
- set the "Enabled" value to 1
Fixes
The following issues have been fixed in this release.
| ID Number | Description |
|---|---|
| 682015 | Previously, the EdgeClient APM session was not closed when the Windows system shut down. This issue is fixed, and now the BIG-IP closes the session when the Windows system is turned off or the user logs off. |
| 873349 1021589 1021597 |
Previously, the BIG-IP Mac or Linux Web client failed to establish the VPN connection when DNAT changed the destination port of the BIG-IP virtual server. This issue is fixed, and now you can use the Web client to establish the VPN connection in an environment where DNAT is configured. |
| 974837 | Fixed an issue where the browser-based VPN components failed to launch for the first time connection after an upgrade. You could observe the following error message in a pop-up dialog of the browser when the network access failed to launch: Error: "F5 VPN - Your session could not be established" "Your session could not be established. The session reference number: nnnnnnnn Application will be closed" |
| 978945 | Previously, EdgeClient for macOS failed to wake up from sleep because the svpn process stopped responding. This issue is fixed, and now, the Edge client on macOS can maintain a VPN connection when the system is in sleep mode. |
| 993837 | In some cases, when the locked-mode enabled Edge Client tried to connect to the virtual server, it was unresponsive for 20 seconds but would start working eventually. This issue is fixed, and now the connection to the virtual server works without any delay. |
| 1005241 | Even when the Edge Client failed to resolve the DNS name of the APM virtual server, it kept connecting to the server and trying to download the file /pre/config.php, which failed and caused the following error message: 'Error: Can't receive settings from server' This issue is fixed, and now the Edge Client does not attempt to establish a VPN connection until the DNS name is resolved. |
| 1019161 1067993 |
Fixed the issue where Edge Client installation did not follow best practices. |
| 1044545 | Fixed the issue where APM clients did not follow best practices when establishing a VPN connection. |
| 1041137 | Upgraded the MSXML library to MSXML version 6.0. Refer to the link for changes related to the MSXML 6.0. |
| 1066361 | Fixed the issue where EPSEC binaries prior to version 1156 are signed with an expired certificate without a signature timestamp. The minimum EPSEC version supported for Edge Client 7.2.2 is the EPSEC 1156 which is signed with a new certificate and timestamped properly. |
| 1071989 | Previously, on macOS Monterey, the Edge Client UI continued to show the 'Connecting' status, even when the VPN connection was established. This issue is fixed, and now the Edge Client user interface displays the correct VPN status. |
Known issues
The following are known issues in this release.
| ID Number | Description |
|---|---|
| 1059025 | The Locked mode of all Edge Client versions fails to work on macOS version 12.3 due to the deprecated Python 2.x version, and no other Python version is shipped with the operating system. Refer to the K37264030 article for more information. |
| 1072901 | The Windows logon integration does not work with TLS 1.3 on windows 10 and Windows 11. Workaround: Enable other versions of TLS to allow Windows Logon client to fallback to an older version of TLS protocol. |
| 1077749 | EPSEC version 1156 is not certified on Windows 10 and Windows 11 on the ARM processors. |
| 1082821 | When trying to establish a VPN connection using a browser, it does not work with TLS 1.3 on all versions of macOS. Workaround: Enable other versions of TLS to allow the browser to fallback to any other versions of TLS protocol. |
| 1082825 | When trying to establish a VPN connection using a browser, it does not work with TLS 1.3 on Linux. Workaround: Enable other versions of TLS to allow the browser to fallback to any other versions of TLS protocol. |
| 1082909 | When trying to establish a VPN connection, it does not work with TLS 1.3 on Windows 11. Workaround: Enable other versions of TLS to allow APM client to fallback to any other versions of TLS protocol. |
| 1083397 | Installation of the Edge Client versions prior to 7.2.2 may be successful on the ARM64-based Windows 10 and Windows 11 but fails to establish the VPN connection. Workaround: Uninstall the prior versions of Edge Client 7.2.2 and install the ARM64-supported Edge Client version using the MSI installer package. |
| 1084369 | Optimized tunnels are not supported on ARM64-based Windows 10 and Windows 11 systems. When Optimized tunnels are used, the tunnel connection fails without user notification. Workaround: In some cases, use a static app tunnel to establish a tunnel connection. |
Contacting F5
| North America | 1-888-882-7535 or (206) 272-6500 |
| Outside North America, Universal Toll-Free | +800 11 ASK 4 F5 or (800 11275 435) |
| Additional phone numbers | Regional Offices |
| Web | http://www.f5.com |
| support@f5.com |
How to Contact F5 Support or the Anti-Fraud SOC
- By phone in the U.S. (accessible 24x7): 888-88askf5 (888-882-7535).
- International contact numbers: http://www.f5.com/training-support/customer-support/contact/.
- The Support Coordinator can contact the SOC as needed.
You can manage service requests and other web-based support online at F5 My Support (registration required). To register email CSP@F5.com with your F5 hardware serial numbers and contact information.
You can contact the Anti-Fraud SOC as follows:
- By phone in the U.S. (accessible 24x7): 866-329-4253 (Option #3 for Anti-Fraud)
- International contact numbers: https://f5.com/products/platforms/silverline/f5-silverline-ddos-protection
Additional resources
You can find additional support resources and technical documentation through a variety of sources.
| F5 Support | Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology. |
| AskF5 Knowledge Base | The storehouse for thousands of knowledgebase articles that help you manage your F5 products more effectively. Whether you want to browse periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source. |
| BIG-IP iHealth Diagnostics and BIG-IP iHealth Viewer | BIG-IP iHealth Diagnostics identifies issues, including common configuration problems and known software issues. It also provides solutions and links to more information. With BIG-IP iHealth Viewer, you can see the status of your system at-a-glance, drill down for details, and view your network configuration. |
| F5 DevCentral | Collaborate and share innovations including code samples, new techniques, and other tips, with more than 300,000 F5 users worldwide. DevCentral is the place to ask questions, find solutions, learn to harness the power of F5’s powerful scripting language, iRules, and much more. |
| Communications Preference Center | Here, you can subscribe to a number of communications from F5. For information about the types of notifications F5 provides, see K9970: Subscribing to email notifications regarding F5 products. |
