Last Modified: May 29, 2024
Affected Product(s):
BIG-IP AFM, CGN, LTM, PEM
Known Affected Versions:
12.1.5.3, 12.1.6, 13.1.3.5, 13.1.3.6, 13.1.4, 13.1.4.1, 14.1.2.8, 14.1.3, 14.1.3.1, 14.1.4, 14.1.4.1, 14.1.4.2, 14.1.4.3, 14.1.4.4, 14.1.4.5
Fixed In:
15.0.0, 14.1.4.6, 13.1.5
Opened: Jan 25, 2019 Severity: 3-Major
Traffic sent by a first virtual server to a second internal virtual server may fail. Traffic is silently dropped.
The traffic sent to the internal virtual server is silently dropped.
One of the following configurations: - A virtual server configured with a pem policy rule that targets an internal radius virtual server that sends traffic statistics to a radius server. - A virtual server configured with an iRule that opens a sideband connection to a second internal virtual server using the iRule command "connect". - A virtual server configured with an iRule that forwards traffic to a second internal virtual server using the iRule command "virtual", where the second virtual server performs source address translation with an LSN pool or with AFM NAT.
Avoid using a PEM policy rule that targets an internal radius virtual server. Avoid traffic forwarding to an internal virtual server with the iRule commands "connect" or "virtual".
The traffic is now successfully sent or redirected to the internal virtual server without any drops.