Bug ID 464735: Errors and unavailable virtual server upon deactivation of ASM policy that is assigned to a non-default rule of L7 policy

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10, 11.5.2, 11.5.2 HF1

Fixed In:
11.6.0, 11.5.3

Opened: May 29, 2014

Severity: 2-Critical


When trying to deactivate a policy used in a non-default L7 policy, you get the following error, and the policy is deactivated: "MCP Validation error - 01071726:3: Cannot deactivate policy action '/Common/vs126'. It is in use by ltm policy '/Common/l7_policy'." In addition, the virtual server becomes unavailable after the deactivation.


Virtual server is unavailable. ASM policy assigned to the LTM virtual server is broken.


ASM is provisioned. ASM policy is assigned to a non-default L7 policy.


Prior to the deactivation of such an ASM policy, remove it from all L7 policies from the following screen: Local Traffic > Policies > Policy List > <L7_policy_name> > Properties.

Fix Information

The deactivation of an ASM policy that is assigned to a non-default rule in an LTM policy produces a verbose and meaningful error message, and the virtual server is now available after the deactivation.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips