Last Modified: Apr 11, 2024
Affected Product(s):
BIG-IP PEM
Known Affected Versions:
11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.0.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.1.0, 12.0.0 HF1
Opened: Aug 17, 2015 Severity: 3-Major
When a a TCP virtual with a Gx profile listens on port 3868 (DIAMETER port#), the virtual picks up packets from the internet targeting port 3868 since there are no source IP filter. These packets were found to be bogus with no valid DIAMETER content. This led to triggering ASSERTs in the DIAMETER code.
Traffic disrupted while tmm restarts.
This can occur on PEM virtuals using the diameter-endpoint profile
Add a filter to the virtual to only allow port 3868 traffic from the PCRF.
None