F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

David_Murphy_22's avatar
David_Murphy_22
Icon for Nimbostratus rankNimbostratus
Nov 27, 2014

v11.4.x tmsh - how to enable and select an ASM policy; DoS policy

From the GUI one chooses an LTM Virtual Server and selects the 'Security -> Policies' tabs to accomplish enabling and selecting the ASM and/or DoS policies. What are the CLI tmsh commands to accompl...
application delivery
ASM Advanced WAF
LTM
security
TMSH
R_Marc's avatar
R_Marc
Icon for Nimbostratus rankNimbostratus
Nov 28, 2014

ASM is a bit more complicated in TMSH. The GUI creates this goofie policy link. You'd need to do the same in TMSH but without the goofiness.

First: create an ASM policy: 

create asm policy test-asm-policy { active encoding utf-8 blocking-mode enabled policy-template some-template }

Now you need to create an LTM policy referencing it:

create ltm policy test-ltm-asm-policy { controls add {asm} requires add { http } rules add { default { actions add { 1 { asm enabled policy test-asm-policy } } } strategy first-match }

Now you can add it to your Virtual with a create or modify

modify ltm virtual test-http-virtual { policy add|replace-all-with { test-ltm-asm-policy }}

I don't use DDos policies, but I'm sure it's a similar procedure.