Bug ID 707631: The 'SYN Challenge Handling' setting of a TCP profile can revert to defaults when updating the profile using the GUI

Last Modified: Oct 24, 2019

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Known Affected Versions:
13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1, 13.1.1.1, 14.0.0, 14.0.0.1, 14.0.0.2, 14.0.0.3, 14.0.0.4, 14.0.0.5, 14.0.1, 14.0.1.1

Fixed In:
14.1.0, 13.1.1.2

Opened: Feb 22, 2018
Severity: 4-Minor

Symptoms

The 'SYN Challenge Handling' setting of a TCP profile can be reverted to defaults when a TCP profile is updated using the BIG-IP management GUI.

Impact

Loss of TCP profile syn challenge configuration settings

Conditions

The SYN Challenge Handling settings of a TCP profile have previously been set to non-default values, and a configuration change is later made to the same TCP profile using the GUI.

Workaround

In the GUI, specifically set the SYN Challenge Handling fields after making an update to other TCP profile fields, or use tmsh to make the changes instead SYN Challenge GUI Setting: Nominal TMSH: syn-cookie-enable enabled syn-cookie-whitelist disabled GUI Setting: Challenge and Remember TMSH: syn-cookie-enable enabled syn-cookie-whitelist enabled GUI Setting: Disable Challenges: syn-cookie-enable disabled syn-cookie-whitelist disabled

Fix Information

Now syn challenge handling setting isn't overwritten when tcp profile is updated

Behavior Change