Bug ID 898609: LTM policy and firewall policy limitations within the BIG-IQ AS3 template UI

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IQ Applications(all modules)

Known Affected Versions:
7.0.0, 7.0.0.1, 7.0.0.2, 7.1.0, 7.1.0.1, 7.1.0.2, 7.1.0.3, 7.1.6, 7.1.6.1, 7.1.7, 7.1.7.1, 7.1.7.2, 7.1.8, 7.1.8.1, 7.1.8.2, 7.1.8.3, 7.1.8.4, 7.1.8.5, 7.1.9, 7.1.9.7, 7.1.9.8, 7.1.9.9

Opened: Apr 13, 2020
Severity: 3-Major

Symptoms

It is not possible to create LTM or firewall policies with different rules within the same AS3 Template. LTM policy AS3 classes impacted: * Endpoint_Policy * Endpoint_Policy_Rule * Policy_Action * Enforcement_Policy Firewall policy classes impacted: * Firewall_Policy * Firewall_Rule_List * Firewall_Port_List * Firewall_Address_List

Impact

The user won't be able to create different rules within LTM or firewall policies.

Conditions

When you use the AS3 Template UI on BIG-IQ to create an AS3 template with either an LTM Policy defined or a Firewall Policy...

Workaround

Use the API to create the AS3 application services using LTM or firewall policies. If you need different policies, do not use AS3 templates. For Firewall Policies, it is recommended you create the policies, rules, addresses and ports lists through the Configuration tab under SECURITY > Network Security > Network Firewall, then reference the policy in the AS3 Service class (such as Service_HTTPS, Service_TCP) under property "firewall policy (enforced)".

Fix Information

None

Behavior Change