Release Notes : BIG-IP Edge Client for iOS 2.0.2

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 11.5.1, 11.2.1

FirePass

  • 7.0.0, 6.1.0
Release Notes
Original Publication Date: 10/31/2018 Updated Date: 04/18/2019

Summary:

In April 2014, Apple posted the release of the iOS Edge Client version 2.0.2. This release patches the Heartbleed bug (OpenSSL CVE-2014-0160). Users should download this new version from the app store.

Contents:

User documentation for this release

For a comprehensive list of documentation that is relevant to this release, refer to the following pages:

Features and enhancements in 2.0.2

Features in 2.0.2

There are no new features in version 2.0.2.

Features in 2.0.1

Edge Client Lite mode
Edge Client Lite mode provides a blank black user interface with no branding, and can be started from the URL scheme f5edgeclient-lite://. See the documentation or Edge Client online help for more information.

Features in 2.0.0

Per-App VPN Support
Per APP-VPN support. On iOS 7, Apple enhanced their VPN framework to support per-application level layer-4 tunneling. Apps can now be configured to automatically connect to a specific VPN when they are launched, giving granular control over corporate network access. It ensures that data transmitted by managed apps travels through VPN. This capability has to be configured with the use of an MDM product. See your MDM user documentation for more details.

Behavior changes in 2.0.2

There are no behavior changes in 2.0.2.

Known issues in 2.0.2

ID number Description
455221 In some circumstances the tunnel connects but cannot pass traffic. If the problem persists the device must be rebooted.

Fixes in 2.0.2

Fixes in 2.0.2

ID number Description
456345 This patches a vulnerability (CVE-2014-0160) with some OpenSSL versions, also known as Heartbleed, that could reveal up to 64k of encrypted memory.

Fixes in 2.0.1

There are no fixes in version 2.0.1.

Fixes in 2.0.0

ID number Description
427862 Previously, when a user hit a redirect ending using Web Logon mode on the iOS Edge Client, the redirect was not correctly completed by the client. Now the redirect completes correctly in Web Logon mode.
431094

Starting in iOS 7, the system prevents an app from accessing log entries at the kernel level, and from other apps. As a result, the log Edge-Client-Console.log is no longer sent as part of the troubleshooting log files.

In order to view the system console log entries, a user must connect the device to a PC or Mac, and use the iPhone Configuration Utility.

431354 Previously, when a client certificate was deleted from the iOS device certificate store, and the certificate was used in an Edge Client configuration, there was no warning to the user when attempting to connect with the configuration. Now, a warning is displayed when the certificate is missing.

Fixes in 1.0.6

There were no fixes in 1.0.6

Fixes in 1.0.5

ID number Description
383083 Previously, when sending an Edge Client command through a URL, the Edge Client prompted the user for confirmation of any change. At present, the user is prompted only when creating a new server configuration on the Edge Client.
383086 The Disconnect Idle Timeout setting is now configurable through server settings in Access Policy Manager version 11.4, and set to 120 seconds for other server versions.
384830, 400979, 408517, 412478, 418457 Some vulnerabilities were fixed and improvements made, in handling of OpenSSL libraries, SSL renegotiation, TLS, and DTLS.
386713 Previously, a default IPv6 route was added when split tunneling was enabled. This route was used only if the client had no IPv6 configuration, but should have been inactive. At present, default IPv6 tunnels are inactive.
387521 Previously, specifying a route of 0.0.0.0/0.0.0.0 did not correctly force all traffic through the tunnel on iOS devices. At present, specifying such a route forces all traffic through the tunnel on iOS devices.
397177 Memory handling issues were fixed.
399931 Some screen alignment issues were fixed.
399938 Previously, if the Edge Client started an access policy that had no Logon Page access policy item, a blank page appeared in the Edge Client. At present, if the access policy does not include a Logon Page item, a blank page does not appear in Edge Client.
400144 Some wording errors were fixed in the client.
417727 Previously, if the Edge Client connected to a server that did not support IPv6, and the option Force all traffic through tunnel was enabled on the network access tunnel, IPv6 traffic was not blocked. At present, IPv6 traffic is not allowed by the client when the server does not support IPv6, and Force all traffic through tunnel is enabled.
419598 Previously, when using a managed Edge Client configuration created by MDM or iPCU, users could not enter passwords or user names, even when required. At present, user names and passwords can be entered in such configurations.

Contacting F5 Networks

Phone: (206) 272-6888
Fax: (206) 272-6802
Web: http://support.f5.com
Email: support@f5.com

For additional information, please visit http://www.f5.com.

Additional resources

You can find additional support resources and technical documentation through a variety of sources.

F5 Networks Technical Support

Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.

AskF5

AskF5 is your storehouse for thousands of solutions to help you manage your F5 products more effectively. Whether you want to search the knowledge base periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.

F5 DevCentral

The F5 DevCentral community helps you get more from F5 products and technologies. You can connect with user groups, learn about the latest F5 tools, and discuss F5 products and technology.

AskF5 TechNews

Weekly HTML TechNews
The weekly TechNews HTML email includes timely information about known issues, product releases, hotfix releases, updated and new solutions, and new feature notices. To subscribe, click TechNews Subscription, complete the required fields, and click the Subscribe button. You will receive a confirmation. Unsubscribe at any time by clicking the Unsubscribe link at the bottom of the TechNews email.
Periodic plain text TechNews
F5 Networks sends a timely TechNews email any time a product or hotfix is released. (This information is always included in the next weekly HTML TechNews email.) To subscribe, send a blank email to technews-subscribe@lists.f5.com from the email address you are using to subscribe. Unsubscribe by sending a blank email to technews-unsubscribe@lists.f5.com.

Legal notices