Forum Discussion
NimbostratusGuest Role User Lost Visibility in ASM/WAF Module – LTM Working Fine
Hi community,
I'm troubleshooting a strange issue on our F5 BIG-IP and hoping someone has run into this before.
Environment:
- Module: ASM (WAF)
- User Role: Guest
- Partition Access: All Partitions
Problem:
A user with the Guest role and access to all partitions suddenly lost the ability to view any information in the ASM module. When navigating to Security > Application Security > Policies, the table shows "No records to display" — even though policies exist and are active and viewable from other non-guest accounts.
The strange part: LTM is working perfectly fine for this user. They can view virtual servers, pools, nodes, etc. without any issue. The problem is isolated to ASM only.
Any pointers would be greatly appreciated. Happy to share outputs if needed.
Thanks!
3 Replies
A_hassaneinupdate:
i get get authorization errors like the following in response of request that fetch ASM related data "Authorization failed: user=https://localhost/mgmt/cm/system/authn/providers/tmos/{UUID}/users/{UUID} resource=/mgmt/tm/asm/policies verb=GET uri:http://localhost:<port>/mgmt/tm/asm/policies sernder:<ip>"
juanboticari0Hello,
Faced a similar error some time ago when an LDAP-authenticated user lost access to some LTM policies. You might want to take a look at this:- A_hassanein
Thanks for your help, Juan. Actually, I came across this article during my search, but our BIG-IP version is 17.5.1.6, which already includes the fix for that specific issue.
Interestingly, I have two BIG-IP VMs running this exact same version: on one, a guest user can access and view ASM properly, while on the other, the same user gets an authorization error from the REST endpoints. Any thoughts on what might be causing that discrepancy?
