Bug ID 476338: RSTs due to Brute Force attack while policy in transparent mode

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2

Fixed In:

Opened: Aug 21, 2014

Severity: 2-Critical

Related Article: K48493650


When attack is detected, traffic starts to get rejected with the following RST cause: ASM requested abort (plugin abort error).


Policy is blocking (sending RSTs) even though it is in transparent mode.


This occurs if your security policy is configured with aggressive thresholds for brute force prevention, and the security policy's enforcement mode is Transparent.


Set the brute force configuration to alarm and not blocking.

Fix Information

Brute force configuration now accommodates the policy settings within transparent mode.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips