Forum Discussion
AWAF with customized virtual port
Hi ,
as mentioned above, a HTTP profile is required. You could check how the learning settings are configured in your policy. What entities are learned (URL, file type, cookies, parameters) and also check the setting for Policy Building Learning Mode.
Next take a look at K15530590, it will explain to you which type of Security Policy templates exist and what entities are learned by default and at which level of granularity the AdvWAF will learn them.
Additionally read the manual about learning: BIG-IP Application Security Manager: Implementations Refining Security Policies with Learning.
For me it is a good comparison to have "Log all requests" enabled while troubleshooting. You can compare the requests log vs. the new learning suggestions.
Hope this helps.
KR
Daniel
- SushantSep 13, 2021Altostratus
Hello Daniel,
The virtual server will learn traffic if I tend to use port 80 as my virtual server listening port. If I use customized port then the application itself wont work incase of using HTTP as my profile. If I remove the HTTP profile it will work even with the customized port.
- Daniel_WolfSep 13, 2021MVP
So it is not the traffic learning that stops when you change from 80 to 8888 but the whole traffic processing stops?
Where do you change to port 8888? On the VS or on the pool member?
Can you do a tcpdump to analyze why traffic processing stops?
- SushantSep 13, 2021Altostratus
I have tried using port 80 just for testing purpose. 8888 does work until and unless I use it till Layer 4 . The virtual server stops working when I use HTTP profile.
- Daniel_WolfSep 13, 2021MVP
I'd recommend you to take a tcpdump and to compare what changes between port 80 and 8888. And also what changes with an without HTTP profile.
To me this doesn't look like the Security Policy is causing this issue.
Start with this tutorial:
https://clouddocs.f5.com/training/community/adc/html/class4/class4.html
And check out K00463541, it has links to all relevant tcpdump solution articles:
https://support.f5.com/csp/article/K00463541
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com