Bug ID 445335: Unlicensed LTM can be configured with Policy that requires license

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP LTM, PEM(all modules)

Known Affected Versions:
11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10

Opened: Jan 18, 2014

Severity: 3-Major

Symptoms

Certain features of the LTM require specific licensing; one of these features is PEM. LTM Policy supports PEM conditions and actions, and exposes these options even when PEM is not currently licensed. Therefore it is possible to create a policy that cannot be applied to a virtual server.

Impact

User sees error message, policy is not applied to virtual server.

Conditions

BIG-IP is not licensed for PEM, and user applies an LTM Policy to a virtual server which specifies 'ssl-persistence classification'.

Workaround

Either enable PEM licensing or change the LTM Policy to not use 'ssl-persistence classification'.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips