Last Modified: Oct 17, 2023
Affected Product(s):
BIG-IP Install/Upgrade, LTM
Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2
Fixed In:
13.0.0, 12.1.2 HF1
Opened: Nov 01, 2016 Severity: 3-Major
BIG-IP version 12.0.0 introduced more strict checking on the characters allowed in policy and rule names, and it also introduced an auto-migration feature to convert any disallowed characters to an underscore (_). Allowed characters in policy and rule names are: A-Z a-z 0-9 . / : % - Spaces are allowed between these characters. When there is a pre-v12.0 Policy that contains an illegal character, the rule has each illegal character converted to a legal one. But conditions and actions, which are joined to the rule by name were not similarly adjusted. After migration, LTM Policy rule does not have any conditions or actions referring to its new name.
Policy rule name is changed, illegal characters converted to benign underscore (_). The upgraded configuration will load successfully, but the Rule's associated conditions and actions are not changed, and still point to the policy by its former name, effectively becoming orphaned. Inspecting rule using UI or tmsh shows conditions and actions missing.
- Pre-v12.0 BIG-IP - Policy and/or rule names contain illegal characters like: * < > ( ) [ ] - Upgrade to v12.0 or later
The bigip.conf file can be manually edited to fix illegal characters and configuration reloaded.
None