Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Eslam_Sayed's avatar
Eslam_Sayed
Icon for Altostratus rankAltostratus
Dec 20, 2020

Direct F5 licensing & ASM updates from MGMT interface

Hello Sirs,   Kindly i need to enable my F5 to direct licensing traffic & ASM updates to be sourced from MGMT interface as all data interfaces are in isolated network.   Version : 13.1.3.4 ...
application delivery
security
TMOS
TMSH
Daniel_Wolf's avatar
Daniel_Wolf
Icon for MVP rankMVP
Dec 27, 2020

Hi Eslam,

 

you should add a management route following the instructions in K13284: Overview of management interface routing. If your ASM is behind a firewall, you should allow access to callhome.f5.com:443 and activate.f5.com:443 (and eventually do DNS servers), so that the ASM can obtain the Live Updates.

 

KR

 

Edit: Copy and Paste from K82512024:

The BIG-IP ASM system consults the Traffic Management Microkernel (TMM) and Linux routing tables when requesting attack signature updates using the Automatic Method. The source IP address of the resulting traffic uses either a non-floating self IP address or the management IP address, depending on the matching route.