Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.6.2 HF1, 11.4.0, 11.4.1
Fixed In:
11.6.0, 11.5.1 HF6, 11.4.1 HF6
Opened: Oct 28, 2013 Severity: 3-Major
ASM subsystem error in /var/log/asm: Oct 27 15:35:42 10_2_1_hf3 crit g_server_rpc_handler_async.pl[19560]: 01310027:2: ASM subsystem error (asm_config_server.pl,F5::ASMConfig::Handler::log_error_and_rollback): 01070265:3: The ASM predefiend policy (POLICY_TEMPLATE_OWA_EXCHANGE_2003_HTTPS) cannot be deleted because it is in use by a ASM policy (/Common/templ_1_default_copy)
ASM restarts continuously.
Upgrade from 11.3 configuration rollforward of ASM policy from custom template breaks ASM.
As a workaround, the device can be installed without roll-forward of configuration (with liveinstall.saveconfig and liveinstall.moveconfig disabled, and the UCS file saved to /shared/tmp). Subsequently, after ASM is provisioned and starts up initially, the UCS can be loaded.
We fixed an issue that sometimes stopped you from deleting an ASM security policy that was created using a template after you rolled-forward the policy's configuration from a previous version.