Forum Discussion

ac89live
Aug 28, 2024

F5 APM added network

Why does F5 APM add this network when I use split tunnel?

        128.0.0.0    255.255.252.0         On-link      172.22.101.5      1
        128.0.0.3  255.255.255.255         On-link         128.0.0.3    281

This causes a problem for my local network.

My local network is 128.0.0.0.

  • I've found this, may help you.

    https://my.f5.com/manage/s/article/K000140098

  • The routing that Edge Client (EC) sets is derived from the current routing and whatever the settings are on the client. Windows does have some DNS and proxy idiosyncrasies that necessitate the client to push a "route all traffic over the tunnel" route as 0.0.0.0/1 & 128.0.0.1/1 in some cases, because Windows treats devices with a 0.0.0.0/0 route differently than devices with both 0.0.0.0/1 and 128.0.0.1/1 routes, even though at L3 they're effectively equivalent. You might try to adjust your client PC to a more common "192.168" subnet to see how the behavior changes. 

    You can find in the Edge Client log files very detailed logging about what is the current (before EC does anything) and what is the result (after EC adjusts the routes) that are set. 

    Examine these EC logs closely to see how this compares to your Network Access List settings.

     

    • ac89live

      I am familiar with those settings, and this issue does not happen to any other Win10 outside my local network.

      This happens only on my local network, and I cannot change it to 192.168 now because it is complicated.

      But the question is: why does the F5 decide to route my local network 128.0.0.0 to its VPN gateway?

      I contacted TAC and they asked me to gather some logs from CTU... but they are still investigating this issue.

      It is worth mentioning that this issue does not occur if using a browser with network connect enabled after the connection is established. This issue only happens with BigIP Edge Client.

    • ac89live

      Update #2:

      Adding 128.0.0.0 to "IPV4 Exclude Address Space" has resolved the issue.

      But why did we need to add this?

      We have not added 128.0.0.0 to "IPV4 LAN Address Space". So why is Edge Client rerouting 128.0.0.0 to the tunnel?

      I asked F5 TAC and am waiting for them to answer.
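
Added example (not from the thread or from F5): a small Python model of Windows-style route selection, run over the two route rows quoted in the question, that shows which interface wins for a LAN destination and checks the reply's point about two /1 routes covering the same space as 0.0.0.0/0. Assumptions: 172.22.101.5 is the Edge Client tunnel interface, the LAN is a /22, and the third sample row is constructed.

```python
import ipaddress

# Constructed sample in "route print" column order:
# destination, netmask, gateway, interface, metric. Rows 1-2 are quoted in
# the question; row 3 (LAN /22 on 128.0.0.3) is an assumed row.
ROUTE_PRINT = """\
        128.0.0.0    255.255.252.0         On-link      172.22.101.5      1
        128.0.0.3  255.255.255.255         On-link         128.0.0.3    281
        128.0.0.0    255.255.252.0         On-link         128.0.0.3    281
"""
TUNNEL_IF = "172.22.101.5"  # assumption: tunnel interface address


def parse_routes(text):
    """Parse five-column IPv4 route rows into dicts."""
    routes = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) != 5:
            continue
        dest, mask, gateway, iface, metric = cols
        routes.append({
            "net": ipaddress.ip_network(f"{dest}/{mask}"),
            "gateway": gateway, "iface": iface, "metric": int(metric)})
    return routes


def select_route(routes, dst):
    """Longest prefix wins; ties go to the lowest metric."""
    dst = ipaddress.ip_address(dst)
    matches = [r for r in routes if dst in r["net"]]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r["net"].prefixlen, r["metric"]))


def tunnel_overlaps(routes, lan, tunnel_if=TUNNEL_IF):
    """Prefixes bound to the tunnel interface that overlap the local LAN."""
    lan = ipaddress.ip_network(lan)
    return [r["net"] for r in routes
            if r["iface"] == tunnel_if and r["net"].overlaps(lan)]


def covers_all_ipv4(prefixes):
    """True if the prefixes together equal 0.0.0.0/0 (host bits are masked)."""
    nets = [ipaddress.ip_network(p, strict=False) for p in prefixes]
    everything = ipaddress.ip_network("0.0.0.0/0")
    return list(ipaddress.collapse_addresses(nets)) == [everything]
```

Running `tunnel_overlaps` against the routes parsed from a client's own `route print` output, with the real LAN prefix, is a quick way to spot a tunnel route that shadows local traffic before comparing it with the Network Access List settings.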