TMSH command to assign ASM policy to a vip.

Question

Hello.  To assign an ASM security policy to a virtual server via the GUI I would go to Local Traffic -&gt; Virtual Servers -&gt; Virtual Server List, click on the Virtual Server, click Security -&gt; Policies, under Application Security Policy I would choose "Enable", then choose the Policy.&nbsp;
How would I accomplish the same via the TMSH command?  Thanks.&nbsp;

nazir_52641 · Answer

Consider the below naming conventions:&nbsp;
ASM Policy name: ASM_Policy&nbsp;
Virtual server name : HTTP_VS1&nbsp;
Below is the command:&nbsp;
tmsh create ltm policy asm_policy_HTTP_VS1 { controls add { asm } requires add { http } rules add { default { actions add { 1 { asm enable policy ASM_Policy } } ordinal 1 } } }&nbsp;
tmsh modify ltm virtual HTTP_VS1 policies add { asm_policy_HTTP_VS1 } &nbsp;
tmsh save sys config&nbsp;

mariomeas · Answer

Thank you Nazir.  What's the best way to accomplish the above steps using Rest?  Thanks.&nbsp;

nazir_52641 · Answer

Get the ID of the existing ASM policy:&nbsp;
curl -sku admin:admin  | ./jq '.items[] | "pol_name:" + .fullPath + ";api_id:" + .id'&nbsp;
Assign ASM policy with id ZsKuSt3CrOF9LBMAapLOkg to VS HTTP_VS1:&nbsp;
curl -sku admin:admin -X PATCH -H "Content-Type: application/json" -d '{ "virtualServers" : ["/Common/HTTP_VS1"] }'  | ./jq&nbsp;

Forum Discussion

TMSH command to assign ASM policy to a vip.

3 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

2026 301a exam

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

F5OS login with admin/root failed via console

UCS Encryption Question

Related Content

APM variable assign examples

WAF evasion techniques for Command Injection

Mitigating OWASP API Security Risk: Mass Assignment using F5 BIG-IP

LTM Policy

Power of tmsh commands using Ansible

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS