Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.5.2
Fixed In:
11.6.0, 11.5.3
Opened: Jan 05, 2014 Severity: 3-Major
Incorrect assignment of ASM policy to LTM virtual server occurs when it is managed from the Local Traffic > Virtual Servers > Virtual Server List > <vs_name> > Security > Policies screen when the same ASM policy is assigned to multiple LTM virtual servers by the means of a single LTM policy (L7 policy).
Changes are applied to all LTM virtual servers that are assigned with the relevant LTM policy (L7 policy) instead of changing only the currently managed LTM virtual server.
ASM is provisioned, and an ASM policy is assigned to multiple LTM virtual servers by the means of a single LTM policy (L7 policy).
Assignment of ASM policies to LTM policies and to LTM virtual can be handled from the following screens: 1) LTM policies: Local Traffic > Policies > Policy List > <L7_policy_name> > Properties 1) LTM virtuals: Local Traffic > Virtual Servers > Virtual Server List > <vs_name> > Resources
The assignment of an ASM policy to an LTM virtual server at from Local Traffic > Virtual Servers > Virtual Server List > <vs_name> > Security > Policies is now NOT available when there is a one-to-many relationship between the underlying LTM policy to LTM virtual servers/ASM policies. In addition, the message 'Manual Configuration (Advanced)' is displayed in the 'Application Security Policy' field on that screen.