Forum Discussion

islam_nadim's avatar
Feb 27, 2023

ASM Policy Learning vs Trusted IPs



I have an ASM Policy that is currently in Blocking Mode. Tried to add a Trusted IP for learning, but I'm not getting Learning Suggestions. Also, tried to add the IP in Exception with Always Allow, but didn't work also.


Can someone explain this part to me as I'm a bit confused here.

6 Replies

  • Hi, islam_nadim 

    Do you have learning enabled in your policy? If not, this might be a good reason not to have new suggestions.

    If you're using Route Domains, make sure you've added %x (x being the RD id) after the IP address, otherwise it won't work... and this might be another reason why suggestions and exceptions are not working.



  • Hello,

    I have faced the same issue before with one of our customers, and found that we ned to disable the below option inside the policy building settings:

    Sometime F5 classify traffic as it is generated fom bot because of the above BUG and based on that, no learning suggestions are generated.

    So please try to uncheck this option, and then run the below commands on bash:

    #pkill -f pabnagd

    #pkill -f asmlogd

    #pkill -f asm_config_server



    Mohamed Salah



    • islam_nadim's avatar
      Icon for Cirrus rankCirrus

      Hello Mohamed,


      Thank you for pointing out this bug. Current version we are working on is in the 16 branch. So, it should not be impacted by this bug. However, we will give it a try.