Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IQ Applications
Known Affected Versions:
7.0.0, 7.0.0.1, 7.0.0.2, 7.1.0, 7.1.0.1, 7.1.0.2, 7.1.0.3, 7.1.6, 7.1.6.1, 7.1.7, 7.1.7.1, 7.1.7.2, 7.1.8, 7.1.8.1, 7.1.8.2, 7.1.8.3, 7.1.8.4, 7.1.8.5, 7.1.9, 7.1.9.7, 7.1.9.8, 7.1.9.9
Opened: Apr 13, 2020 Severity: 3-Major
It is not possible to create LTM or firewall policies with different rules within the same AS3 Template. LTM policy AS3 classes impacted: * Endpoint_Policy * Endpoint_Policy_Rule * Policy_Action * Enforcement_Policy Firewall policy classes impacted: * Firewall_Policy * Firewall_Rule_List * Firewall_Port_List * Firewall_Address_List
The user won't be able to create different rules within LTM or firewall policies.
When you use the AS3 Template UI on BIG-IQ to create an AS3 template with either an LTM Policy defined or a Firewall Policy...
Use the API to create the AS3 application services using LTM or firewall policies. If you need different policies, do not use AS3 templates. For Firewall Policies, it is recommended you create the policies, rules, addresses and ports lists through the Configuration tab under SECURITY > Network Security > Network Firewall, then reference the policy in the AS3 Service class (such as Service_HTTPS, Service_TCP) under property "firewall policy (enforced)".
None