Last Modified: Sep 13, 2023
Known Affected Versions:
126.96.36.199, 188.8.131.52, 184.108.40.206, 7.1.6, 220.127.116.11, 7.1.7, 18.104.22.168, 22.214.171.124, 7.1.8, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 7.1.9, 22.214.171.124, 126.96.36.199, 188.8.131.52, 8.0.0, 184.108.40.206
Opened: Dec 05, 2020 Severity: 3-Major
If you attempt to deploy a tunnel object to a managed BIG-IP device using a Tunnel Profile, deployment fails with an error similar to the following: "profile" is a required property and may not be set to "none" or an empty value'
You cannot deploy the tunnel object to the BIG-IP device(s).
This happens in either of the following cases: *) An imported Tunnel object has been modified on BIG-IQ. *) The tunnel object hasn't been modified, but one or more imported Tunnel objects has ended up with an incorrect "ifIndex" value on BIG-IQ.
You can try to resolve the issue by performing one of the following options. Option 1) 1. From BIG-IQ, rediscover and re-import the device, selecting the "Use BIG-IP" to clear any changes from tunnel objects on BIG-IQ. 2. Create a new Evaluation / Deployment and redeploy to the BIG-IP device. Option 2) If option 1 does is not successful, manually copy the current BIG-IP configuration into the working configuration by logging into BIG-IQ through SSH and performing the following steps: 1. Write all tunnel objects to a file by typing the following commands: # restcurl /cm/adc-core/working-config/net/tunnels/tunnel | jq .items -c > /var/tmp/wc # restcurl /cm/adc-core/current-config/net/tunnels/tunnel | jq .items -c > /var/tmp/cc 2. Perform a diff on the content for ifIndex by typing the following commands: # cat /var/tmp/cc | jq .id -r | sort | while read uuid ; do grep $uuid /var/tmp/cc | jq .ifIndex > /var/tmp/mycc ; grep $uuid /var/tmp/wc | jq .ifIndex > /var/tmp/mywc ; diff /var/tmp/mywc /var/tmp/mycc >/dev/null ; if [ $? -eq "1" ] ; then echo $uuid ; fi ; done > /var/tmp/diffout 3. Verify that the diffout contains UID only, and test one of them to check the difference by typing commands similar to the following: # test=$(head -n1 /var/tmp/diffout) ; grep $test /var/tmp/cc | jq .ifIndex 384 # test=$(head -n1 /var/tmp/diffout) ; grep $test /var/tmp/wc | jq .ifIndex 400 4. Create the Tunnel.sh script fix by typing the following: TUNNELID=$1 restcurl "/cm/adc-core/current-config/net/tunnels/tunnel/$TUNNELID" | sed -e 's/current/working/g' | jq 'del(.generation,.lastUpdateMicros)' > workfinal curl "localhost:8100/cm/adc-core/working-config/net/tunnels/tunnel/$TUNNELID" -X PUT -d @workfinal | jq 5. Provide execution permissions to fixTunnel.sh by typing the following: # chmod +x fixTunnel.sh 6. Use the fixTunnel.sh script to correct the ifIndex by typing the following: # cat /var/tmp/diffout | while read UUID ; do echo $UUID ; ./fixtunnel.sh $UUID ; done