Symptoms

In an ASM enabled manual sync group that uses XML Profiles to enforce XML schema, data inconsistencies can be introduced after a sync is pushed to an active device which can cause false positives.

Impact

In some cases a data inconsistency is introduced for the XML schema lookup, which causes a false malformed data violation, blocking legal traffic

Conditions

1) ASM Sync is used in a manual sync group 2) XML Profiles are used that validate schema (xsd or wsdl) are used, and the XML malformed data violation is enabled. 3) Changes are made to the XML Profiles and/or new policies are added with new schema. 4) The ASM configuration is pushed to a device.

Workaround

Restarting ASM will resolve the inconsistency. The violation can be disabled until ASM can be restarted.

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips