Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP ASM
Known Affected Versions:
11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.3.1, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.2, 13.1.1.3
Fixed In:
14.0.0, 13.1.1.4, 12.1.3.2, 11.6.3.2, 11.5.9
Opened: Feb 25, 2016 Severity: 2-Critical Related Article:
K23221623
ASM policies are created as inactive policies on the peer device.
ASM policies are created as inactive policies on the peer device, resulting in an inconsistency between peers.
This occurs when the following conditions are met: -- ASM Sync is enabled on a Sync-Only auto-sync Device Group. -- There is either no failover group, or the failover group is a manual sync group.
You can use either of the following workarounds: -- Set the device group with ASM sync enabled to manual sync. -- Enable auto-sync for the failover group.
This release fixes the ASM Synchronization mechanism so that ASM policies are correctly created on the peer device