Release Notes : BIG-IP Edge Client for iOS 2.0.3

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 11.5.1, 11.2.1

FirePass

  • 7.0.0
Release Notes
Original Publication Date: 10/31/2018 Updated Date: 04/18/2019

Summary:

In September 2014, Apple posted the release of the iOS Edge Client version 2.0.3. Users should download this new version from the app store. For operational differences with SSL VPN between iOS 8 and previous iOS releases, refer to documentation from Apple.

Contents:

User documentation for this release

For a comprehensive list of documentation that is relevant to this release, refer to the following pages:

Features and enhancements in 2.0.3

ID number Description
463498 SAML authentication can now be performed within Edge Client to establish a VPN connection
The BIG-IP® Edge Client® application for mobile devices provide the following SAML support:
  • SP-initiated access only (e.g. APM acting as the SP).
  • Web Logon mode only.
  • Single Logout (SLO) is supported only when the logout action is initiated from the client.
453765 The admin or the user can now specify a client certificate to be used for WebLogon.
346136 On Demand VPN now works with "username + password" when a user enable the "Allow Password Caching" policy on the APM server.
475404 A user can now create VPN configurations without requiring users to specify the user name during creation. However, a user name entered from an authentication prompt will automatically be saved in the VPN configuration if the credentials were successfully authenticated and the connection was launched by the user within Edge Client (as opposed to being launched by URL scheme or VPN-on-Demand).
468486 Previously, there is no way to explicitly specify the logon mode of the VPN connection. If either username or certcn is specified as one of the URL parameters, Edge Client will implicitly use the native logon mode. Web logon mode would only be used if there is no user name or certificate specified.
In version 2.0.3, a logon_mode parameter can now be specified as part of the URL parameters. It allows the user to explicitly specify the logon mode as either web or native. An error message will be shown if any of the input parameters is not valid for the specified logon mode. If no logon_mode parameter is specified, the native mode will be selected as the default.

Behavior changes in 2.0.3

ID number Description
475017 Starting on iOS 7, domains entered in the Always Connect section have the same behavior as the Connect If Needed status. On iOS 8.x systems, domains entered in the Always Connect section are automatically moved to Connect If Needed status by the system after the VPN configuration is saved.

Known issues in 2.0.3

ID number Description
476549 The DNS address spaces are limited to 64 entries. When split tunneling is enabled, the Apple VPN framework only allow up to 64 entries for the DNS address space. Exceeding this number will generate warning messages in the device console log, such as the following:
Aug 22 10:54:18 iPad mDNSResponder[50] <Error>: mDNS_AddDNSServer: DNS server limit of 64 reached, not adding this server Aug 22 10:54:18 iPad mDNSResponder[50] <Error>: mDNS_AddDNSServer: DNS server limit of 64 reached, not adding this server Aug 22 10:54:18 iPad mDNSResponder[50] <Error>: mDNS_AddDNSServer: DNS server limit of 64 reached, not adding this server .
351545 When a user is prompted for password credentials, the cursor remains in the auto-filled username field when the cursor should be in the password field. This issue exists on the Apple Control UI.

Fixes in 2.0.3

ID number Description
464861 Previously, a user might notice the Per-App VPN connection is established but some websites or some of their content could fail to load. This issue as been fixed in 2.0.3.

Contacting F5 Networks

Phone: (206) 272-6888
Fax: (206) 272-6802
Web: http://support.f5.com
Email: support@f5.com

For additional information, please visit http://www.f5.com.

Additional resources

You can find additional support resources and technical documentation through a variety of sources.

F5 Networks Technical Support

Free self-service tools give you 24x7 access to a wealth of knowledge and technical support. Whether it is providing quick answers to questions, training your staff, or handling entire implementations from design to deployment, F5 services teams are ready to ensure that you get the most from your F5 technology.

AskF5

AskF5 is your storehouse for thousands of solutions to help you manage your F5 products more effectively. Whether you want to search the knowledge base periodically to research a solution, or you need the most recent news about your F5 products, AskF5 is your source.

F5 DevCentral

The F5 DevCentral community helps you get more from F5 products and technologies. You can connect with user groups, learn about the latest F5 tools, and discuss F5 products and technology.

AskF5 TechNews

Weekly HTML TechNews
The weekly TechNews HTML email includes timely information about known issues, product releases, hotfix releases, updated and new solutions, and new feature notices. To subscribe, click TechNews Subscription, complete the required fields, and click the Subscribe button. You will receive a confirmation. Unsubscribe at any time by clicking the Unsubscribe link at the bottom of the TechNews email.
Periodic plain text TechNews
F5 Networks sends a timely TechNews email any time a product or hotfix is released. (This information is always included in the next weekly HTML TechNews email.) To subscribe, send a blank email to technews-subscribe@lists.f5.com from the email address you are using to subscribe. Unsubscribe by sending a blank email to technews-unsubscribe@lists.f5.com.

Legal notices