For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

kkarim's avatar
kkarim
Icon for Nimbostratus rankNimbostratus
Jul 03, 2023
Solved

Big-IP add one Allowed Methods to an ASM Security Policy using the command line

Hello everyone 😀 I'm trying to finish my Big-IP setup with tmsh command line whithout any config modification on the Big-IP GUI. I was able to find in the Big-IP documentation everything that I ne...
application delivery
security
  • whisperer's avatar
    whisperer
    Jul 03, 2023

    There may be a *better* way to do this actually. Why not use a test Virtual Server or a test virtual F5 instance to generate the ASM policy. That way, you can export it as XML or PLC and maintain a 'golden config' in a repo such as GitHub. You can then automate the import of this file 😕 Saves quite a bit on the TMSH commands, and you dont have to worry if the modification of a component has not been implemented. Please see the following:

    https://my.f5.com/manage/s/article/K00571548#export

    Just another way of solving this issue, and working around quite a few potential road blocks 😉

whisperer's avatar
whisperer
Icon for MVP rankMVP
Jul 03, 2023

There may be a *better* way to do this actually. Why not use a test Virtual Server or a test virtual F5 instance to generate the ASM policy. That way, you can export it as XML or PLC and maintain a 'golden config' in a repo such as GitHub. You can then automate the import of this file 😕 Saves quite a bit on the TMSH commands, and you dont have to worry if the modification of a component has not been implemented. Please see the following:

https://my.f5.com/manage/s/article/K00571548#export

Just another way of solving this issue, and working around quite a few potential road blocks 😉