Bug ID 478399: PEM subscriber sessions are created without PEM licensed, if "radiusLB-subscriber-awre" profile is configured.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP LTM, PEM(all modules)

Known Affected Versions:
11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2 HF1, 11.5.3 HF1, 11.6.0, 11.6.1, 11.6.2, 11.6.3,,,,, 11.6.4, 11.6.5,,,

Fixed In:
11.6.0 HF5, 11.5.3 HF2

Opened: Sep 08, 2014

Severity: 3-Major

Related Article: K17039


If LTM virtual server has the RADIUS profile 'radiusLB-subscriber-awre' configured, the PEM subscriber session will be created, even if the BIG-IP system is not licensed for PEM, which can cause 100% TMM usage due to the overhead of processing RADIUS messages.


100% TMM usage due to PEM subscriber session being created, even when the BIG-IP system is not licensed for the PEM module.


The RADIUS profile 'radiusLB-subscriber-awre' is configured on the LTM virtual server for non-PEM configurations.


The workaround is to avoid the misconfiguration by not associating the RADIUS profile 'radiusLB-subscriber-awre' to LTM virtual servers for non-PEM configurations, such as when there is no PEM license for the BIG-IP system.

Fix Information

A validation has been added to prevent the RADIUS profile 'radiusLB-subscriber-awre' from being mistakenly associated with the LTM virtual server, when the BIG-IP system is not licensed for PEM.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips