Bug ID 774457: Unexpected 'Illegal entry point' and 'Illegal flow to URL' violations after upgrading to version without account_id

Last Modified: Apr 17, 2024

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
15.0.0, 15.0.1,,,,, 15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,,, 15.1.9,, 15.1.10,,,

Opened: Apr 19, 2019

Severity: 3-Major


When upgrading from a version to v15.1.0 or later, the system might report 'Illegal entry point' and 'Illegal flow to URL' messages.


False-positive violations.


1. Upgrading from a version prior to v15.1.0 to a v15.1.0 or higher. 2. The policy contains flows, and illegal flow and illegal entry point are configured.


You can use either of the following workarounds: -- Turn off blocking from the illegal flows violations before upgrading. Then wait for some time until the violation alarms no longer appear. -- Use an iRule that unblocks these violations and deletes the ASM cookies when that happens.

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips