Last Modified: May 01, 2019
See more info
Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 12.1.4, 184.108.40.206, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 13.1.1, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11
Opened: Oct 12, 2017
The hidden dos profile /Common/asm-hidden/dos-hidden might be created in a non-Common partition, causing error messages and not bypassing of known search engines. (This profile is created automatically when provisioning ASM.) When this happens: -- An error message appears in /var/log/ltm: - err mcpd: 01070726:3: DoS Profile Compiled Signatures /Common/asm-hidden/dos-hidden dos-hidden /Common/asm-hidden/ASM-search-engine-Google in partition Common cannot reference DOS application /Common/asm-hidden/dos-hidden dos-hidden in partition partition1 -- The /Common/asm-hidden/dos-hidden profile is saved in the config file of the partition (/config/partitions/<partition>/bigip.conf) instead of /config/bigip.conf.
This happens when provisioning ASM using the GUI, and the partition (on the top-right corner) is set to any partition other than the Common one. Note: The GUI page 'System :: Resource Provisioning' does not allow changing the partition (it is grayed out). The partition must be changed on a different page, such as Virtual Servers.
To prevent the problem from happening, make sure the Common partition is selected when provisioning ASM. (Change it on a different page to Common, and then come back to the provisioning page and provision ASM. This only works if ASM was not yet provisioned before.) If the problem has already occurred, run the following commands to solve the problem: tmsh delete security dos profile /Common/asm-hidden/dos-hidden tmsh save sys config tmsh load sys config tmsh save sys config