For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Satoshino's avatar
Satoshino
Icon for Cirrus rankCirrus
Oct 02, 2020

Security Policy textual configuration

Hi everyone,

i would like to know if there is a way to see or extract Security Policy's fully configuration as textual in ASM using CLI, like this VS's configuration:

ltm virtual Test_Net_Acc_vs {
    destination 192.168.11.123:https
    ip-protocol tcp
    last-modified-time 2020-03-03:11:27:03
    mask 255.255.255.255
    profiles {
        APM_accessone { }
        Test_Net_Acc_cp {
            context clientside
        }
        f5portal_external_SSLClient {
            context clientside
        }
        http { }
        ppp { }
        rba { }
        rewrite { }
        tcp { }
        websso { }
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
    vs-index 5

I had already tried to "list" the security policy but i receive only partial conf:

asm policy Al_SecPolicy {
    active
    app-service none
    blocking-mode disabled
    description "Rapid Deployment Policy"
    encoding utf-8
    parent-policy none
    partition Common
    policy-builder disabled
    policy-template POLICY_TEMPLATE_RAPID_DEPLOYMENT
    policy-type security
    virtual-servers {
        Al_vs
    }
}

ASM Advanced WAF
devops
LTM
security

1 Reply

  • Ivan_Chernenkii's avatar
    Ivan_Chernenkii
    Icon for Employee rankEmployee
    Oct 02, 2020

    Hello,

     

    No, there is no way to see full policy in tmsh, because only few basic policy settings are supported in tmsh.

    But to get policy in textual human-readable view you can export it as XML or as JSON (this ability will appear starting from v16.1.0).

     

    Thanks, Ivan