Bug ID 657640: Issue deploying new ASM policy to BIG-IP with disallowed WebSocket URLs configured in policy

Last Modified: Apr 15, 2024

Affected Product(s):
BIG-IQ Web App Security (ASM)(all modules)

Known Affected Versions:

Opened: Apr 10, 2017

Severity: 3-Major


After deploying a new policy to a 13.0 BIG-IP device and doing another evaluation, differences involving the addition of a Plain Text Profile named "Default" might appear. Deploying the second evaluation will fail with an error that the Plain Text Profile cannot be deleted.


Difference shown after deployment and failure of second deployment.


The issue happens when deploying to a 13.0 BIG-IP device and the policy has Disallowed WebSocket URLs. The issue happens if the BIG-IP device does not have a fix to bug 658062.


In order to fully deploy the configuration if the unexpected difference appears, it is needed to remove all disallowed WebSocket URLs on the BIG-IP directly before doing another evaluation.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips