Symptoms

BIG-IQ does not generate a Warning verification log during deployment of AFM if a SNAT policy is a "Dynamic PAT" type and the source address count and source address translation count are different, or the destination address count and the destination address translation count are different.

Impact

BIG-IQ does not generate a warning as it should.

Conditions

When deploying AFM with a SNAT policy of type Dynamic PAT and either of the following conditions are true: 1. Source address count and source address translation count are different. 2. Destination address count and destination address translation count are different

Workaround

Make sure the address counts and address translation counts are identical before deploying AFM.

Fix Information

None

Behavior Change