Last Modified: Nov 22, 2021
Affected Product:
See more info
BIG-IQ Network Security (AFM)
Known Affected Versions:
5.4.0, 5.4.0 HF1, 5.4.0 HF2
Opened: Dec 04, 2018
Severity: 4-Minor
BIG-IQ does not generate a Warning verification log during deployment of AFM if a SNAT policy is a "Dynamic PAT" type and the source address count and source address translation count are different, or the destination address count and the destination address translation count are different.
BIG-IQ does not generate a warning as it should.
When deploying AFM with a SNAT policy of type Dynamic PAT and either of the following conditions are true: 1. Source address count and source address translation count are different. 2. Destination address count and destination address translation count are different
Make sure the address counts and address translation counts are identical before deploying AFM.
None