Bug ID 807253: The security policy devices overrides option is not visible when using an existing security policy to configure an SSLO topology

Last Modified: Jan 12, 2021

Bug Tracker

Affected Product:  See more info
BIG-IQ SSL Orchestrator(all modules)

Opened: Jul 18, 2019
Severity: 4-Minor

Symptoms

When you create a new SSLO topology, the 'Device Overrides' section is not visible in the security policy page when using an existing security policy.

Impact

You may not be able to view and modify device-specific security policy configurations when creating a new SSLO topology.

Conditions

This occurs whenever you try to create a new SSLO topology, choose the 'Using Existing' option in the security policy configuration page, and select a security policy which is already deployed to managed BIG-IP devices.

Workaround

To view or edit device specific security policy configurations, you will need to configure device overrides outside of the SSLO topology wizard. From the 'Configuration' tab in BIG-IQ, navigate to 'SSL Orchestrator' >> 'Security Policies.' Select a security policy or create a new one and update the target BIG-IP devices or clusters if needed under the 'Target Members' section. View or edit device-specific configurations in the 'Device Overrides' section, save the security policy, and deploy the configuration to your managed BIG-IP devices. When creating a new SSLO topology in the topology wizard, choose the 'Use Existing' to use the security policy you just configured.

Fix Information

None

Behavior Change