Forum Discussion
islam_nadim
Cirrus
CirrusASM Policy Learning vs Trusted IPs
Hello,
I have an ASM Policy that is currently in Blocking Mode. Tried to add a Trusted IP for learning, but I'm not getting Learning Suggestions. Also, tried to add the IP in Exception with Always Allow, but didn't work also.
Can someone explain this part to me as I'm a bit confused here.
- Mike757
MVP
Hi, islam_nadim
Do you have learning enabled in your policy? If not, this might be a good reason not to have new suggestions.
If you're using Route Domains, make sure you've added %x (x being the RD id) after the IP address, otherwise it won't work... and this might be another reason why suggestions and exceptions are not working.
/Mike
islam_nadim
Amine_KadimiDoes your trusted IP use a browser? or is it some other sort of web clients?
- islam_nadim
Trusted IP is using a browser
Hello,
I have faced the same issue before with one of our customers, and found that we ned to disable the below option inside the policy building settings:
- Learn only from non-bot traffic
- Reference: https://cdn.f5.com/product/bugtracker/ID913137.html
Sometime F5 classify traffic as it is generated fom bot because of the above BUG and based on that, no learning suggestions are generated.
So please try to uncheck this option, and then run the below commands on bash:
#pkill -f pabnagd
#pkill -f asmlogd
#pkill -f asm_config_server
Thanks,
Mohamed Salah
- islam_nadim
Hello Mohamed,
Thank you for pointing out this bug. Current version we are working on is in the 16 branch. So, it should not be impacted by this bug. However, we will give it a try.
