Last Modified: Dec 07, 2023
Affected Product(s):
BIG-IP AFM
Opened: Jun 16, 2015 Severity: 3-Major Related Article:
K17502
A packet filter is in place to block ICMP traffic to a virtual address, but the virtual address responds to ICMP echo requests.
Traffic is not blocked despite the existence of a packet-filter rule.
A packet filter is in place to block ICMP echo request traffic to a virtual address, and a fragmented ICMP echo request is received by the BIG-IP system. If the ICMP echo request needs to be forwarded to another tmm, the packet-filter is not honored.
Use AFM rather than packet-filter. Note: This may require additional licensing.
None