When specifying a key to AES::encrypt or AES::decrypt it
can either be a key object as generated by AES::key (a string with the correct format) or a passphrase.
The AES::key command generates object represented as a list with 3 elements or a string in the format "AES (128 | 192 | 256) <32, 48, 64 HEX digits respectively>". If you are using a string to set the key, it must be in this format.
A string that does not match the above format will be interpreted as a passphrase and will be used (along with random salt) to generate a key. This is where AES::decrypt is affected by ID224113.
You need to change
set ::key be474444865c70f3e13624aec61eb292cef6cf5c4ce1725dd4fa49a93bf997c8
to
set ::key "AES 256 be474444865c70f3e13624aec61eb292cef6cf5c4ce1725dd4fa49a93bf997c8"
Now, using global variables and CMP is a whole other discussion. :)
http://devcentral.f5.com/wiki/default.aspx/iRules/CMPCompatibility.html
Jason