Bug ID 812949: P2P failure while connecting with Cisco router when firewall is enabled.

Last Modified: Sep 13, 2023

Affected Product(s):
BIG-IP TMOS (all modules)

Known Affected Versions:
12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6

Opened: Aug 06, 2019

Severity: 4-Minor

Symptoms

When P2P is configured and a firewall policy is set, the OSPF status is set to 'exstart' if AFM is provisioned and tm.fw.defaultaction is set to 'drop' or 'reject'.

Impact

OSPFv3 does not work.

Conditions

P2P is configured and a firewall policy is set.

Workaround

You can use either of the following workarounds:

-- Configure a global policy to allow OSPF protocol traffic, similar to the following:

    security firewall policy Policy_OSPF {
        description "Allow OSPF"
        rules {
            OSPF_1 {
                action accept-decisively
                ip-protocol ospf
                rule-number 1
            }
        }
    }

-- Disable the firewall entirely by setting tm.fw.defaultaction to allow:

    tmsh modify sys db tm.fw.defaultaction value allow

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips