Last Modified: Sep 13, 2023
Known Affected Versions:
15.1.0, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 15.1.1, 16.0.0, 126.96.36.199, 16.0.1
16.1.0, 188.8.131.52, 15.1.2
Opened: Feb 10, 2020 Severity: 3-Major
Incorrect value in Transparent Nexthop property on virtual server page with assigned VLAN after a change is made via the DOS menu then another change is made on the advanced menu.
Incorrect value shown in Transparent Nexthop property field. which can cause connectivity to be lost between the affected locations.
Starting with a working config if the admin makes changes From the DoS menu - DoS configuration -> protected objects -> protected objects list - Select virtual server (eg: test_vpn_443) -> open Network & General -> set enabled on vlans to "test" and Transparent nexthop to "test" -> save # Now make a change that cannot be made via the DoS menu From the Advanced menu - Local Traffic -> Virtual server -> Virtual server list -> select virtual server (test_vpn_443) - Note that "Transparent Nexthop" is set to "none" despite being set to "test" in bigip.conf and DoS menu - Change clientssl profile (or whatever change) -> update # Now go back and check the impact From the DoS menu - DoS configuration -> protected objects -> protected objects list - Select virtual server (eg: test_vpn_443) -> open Network & General -> you can see that Transparent nexthop has been set to "none" At this point connectivity could be broken and transparent nexthop will need to be reconfigured via the DoS menu.
There are multiple possible options: either: Use tmsh to complete the action successfully. or Do not configure the same VLAN group for the VLAN list and Transparent Next Hop or use the advanced menu as it performs as expected.