Forum Discussion
Cirrus11.4 - what is a default rule?
Hi,
I have some problems with the new 11.4, again.
What I did: 1. created a ltm policy with:
Strategy all-match
Requires http
Controls asm
-
created a policy rule:
condition http-uri request path starts-with "/test" action asm request enable policy "test_Policy"
Result: I cannot save the policy and get the error message: 0107172c:3: Policy '/Common/test_RULE'; a policy controlling 'asm' must have a default rule.
what does it mean?
thx
2 Replies
natheCirrocumulus
Torti - I'm looking into this myself at the mo due to a future migration. Looks like you need two rules for ASM and traffic policies. The example F5 give is the default rule pushes all traffic to the security policy and then you can create custom rules to disable the security policy, say on specific URIs.
Anyway see for more info:
http://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-4-0/20.html?sr=32535189
Looks like your default rule might be to disable ASM and the specific rule for /test to enable it.
Hope this helps, N
Tortiit is strange, but if you are using asm Controls, you have to create a rule without conditions. So that every traffic hit the rule.
The new design is really complicated.
