Last Modified: Jul 12, 2023
Affected Product(s):
BIG-IP (all modules)
Known Affected Versions:
11.4.1
Fixed In:
11.6.0
Opened: May 02, 2014 Severity: 3-Major Related Article:
K15617
The custom settings in an SMTP profile appear to be overwritten by the parent settings when the unit is re-licensed and configuration reloaded e.g. via a 'tmsh load sys config' or a license activation in the GUI. If the parent profile ("smtp") has security enabled and a child has "Custom" selected and security disabled then I would expect the config to show "security disabled" when it shows no entry at all; I think this leads to the GUI and configuration showing inconsistent states.
Unexpected profile smtp behavior after load
Take an 11.4.1 box Go to Local Traffic -> Profiles -> Services -> SMTP Select the system default profile ("smtp") and enable Protocol Security, click Save Create a new SMTP profile, check "Custom" for Protocol Security and Uncheck "Protocol Security" The GUI now shows Security as disabled, tmsh shows no setting for security (which I believe means it should inherit from the parent, i.e. the GUI shows "off", tmsh shows "on"): # tmsh list ltm profile ltm profile smtp smtp { defaults-from none security enabled } ltm profile smtp test { defaults-from /Common/smtp } Reload the configuration with "tmsh load sys config" or reactivate the license on the unit Go to Local Traffic -> Profiles -> Services -> SMTP Select the new SMTP profile, note that "Custom" is no longer checked and Protocol Security is shown as enabled (inherited from the parent profile) and tmsh shows: # tmsh list ltm profile ltm profile smtp smtp { defaults-from none security enabled } ltm profile smtp test { defaults-from /Common/smtp security enabled }
Modify ltm profile smtp security after load to return it to the original state, or setup inheritance dependencies in such a way that the parent profile uses the default security value and the child profile uses a non-default security value.
Profile SMTP custom settings are now saved to the config and restored after a configuration load.