Some limitations are listed below:

  • Certain ciphers are not supported when using HTTP/2 – but these are automatically disabled when HTTP/2 support is enabled in the LoadMaster.
  • If either NT LAN Manager (NTLM) or Kerberos authentication is enabled on a Virtual Service, HTTP/2 will be disabled. Similarly, if HTTP/2 support is enabled on a Virtual Service, NTLM/Kerberos authentication will be disabled.
  • SAML authentication does not currently work correctly with HTTP/2.
  • TLS 1.2 must be enabled in the Supported Protocols in the SSL Properties section for HTTP/2 to work
  • The Process Responses option in the WAF Options section cannot be enabled if HTTP/2 is enabled
  • Content switching when matching inside a POST does not work with HTTP/2.
  • When using HTTP/2, after killing a session the HTTP/2 client still has access to the application until the underlying connection is closed. Examples of closing the underlying connection are; the user closes the browser, the user does a hard reset (Ctrl + F5), or the connection reaches an idle timeout.
  • When using HTTP/2, transparency is not used even if it is enabled. This is because one connection is mapped to multiple connections. HTTP/1.1 clients are still transparent when HTTP/2 and transparency are both enabled.
  • Packet counts are not reported when using HTTP/2.