Bug ID 722225: Auto-deploy scaling fails for a service scaling group in an AWS cloud when ASM policy is set to auto-deploy

Last Modified: Nov 22, 2021

Affected Product(s):
BIG-IQ Applications(all modules)

Fixed In:
6.0.1

Opened: May 29, 2018

Severity: 3-Major

Symptoms

When auto-deploy is enabled for a policy for BIG-IP devices in a service scaling group, scaling fails.

Impact

Attempts are made to auto-deploy the WAF policy every 5 minutes to the BIG-IP devices in an SSG, and it continues to fail.

Conditions

When all the following three conditions are met 1) BIG-IP devices in an SSG is provisioned with WAF (Web Application Security) 2) WAF Policy is set to learning mode=Automatic, Policy Building Mode=Central, Auto-Deploy Policy=Real Time. 3) Auto scale BIG-IP VE devices in an SSG greater than 1.

Workaround

Disable auto-deploy by setting Configuration:Web Application Security:policies:<ASMPolicy>:POLICY BUILDING:Settings:Auto-Deploy Policy to Disabled.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips

Have a question?

About F5

Education

F5 sites

Support Tasks

© F5, Inc. All rights reserved. Policies | Privacy | Trademarks