Forum Discussion

Shazee
Nov 13, 2019

WAF and LTM policy - apply to same Virtual server

Hello All,

 

Can we have an LTM local policy (Local Traffic ›› Policies : Policy List) and a WAF policy (Security ›› Application Security : Security Policies : Policies List) applied to the same/single virtual server?

When I apply the local LTM policy, WAF policies are getting removed automatically.

Is there a limitation?

  • You can, but you need to control ASM policy application in your Local Traffic Policy.

     

    When you apply a WAF Policy to a virtual server, it auto-creates a Local Traffic Policy that controls ASM and applies it.

     

    If you create a Local Traffic Policy, you cannot auto-apply the policy to control ASM, so the option is removed.

     

    You need to ensure your Local Traffic Policy contains actions to apply the relevant ASM Policy.

  • Thank you for your response.

    Could you please elaborate.

    I have a local policy to

    Remove HTTP Header named 'server' at response time

    and

    Remove HTTP Header named 'X-Application-Context' at response time, in the local policies. (Basically header removals.)

     

    But when I apply a basic WAF policy to protect against the OWASP Top 10 through WAF/ASM, the local policy takes precedence and removes the WAF policies.

    Could you please elaborate on the reply with this as the scenario?

    Using Big IP VE 14.1.2 in AWS

  • Along with the Header removals, your Local Traffic Policy needs to have an action that assigns the required ASM policy.

     

    You do not assign the ASM Policy via the Security Tab.
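
The arrangement described in the answers above, as an added illustration that is not from the original posts or from F5's own material: one Local Traffic Policy, shown in `bigip.conf` stanza form, whose single unconditional rule both enables ASM and removes the two response headers. The names `hdr_removal_and_waf`, `remove_headers_apply_waf` and `/Common/owasp_waf_policy` are hypothetical placeholders.

```tmsh
# Hypothetical names throughout; substitute the real policy names.
ltm policy /Common/hdr_removal_and_waf {
    # The policy declares that it controls ASM, as the auto-created
    # policy does when a WAF policy is assigned from the Security tab.
    controls { asm }
    requires { http }
    rules {
        remove_headers_apply_waf {
            # No conditions: the rule matches every request.
            actions {
                0 {
                    # Assign the WAF/ASM security policy to the traffic.
                    asm
                    enable
                    policy /Common/owasp_waf_policy
                }
                1 {
                    # Strip the Server header from responses.
                    http-header
                    response
                    remove
                    name Server
                }
                2 {
                    # Strip the X-Application-Context header from responses.
                    http-header
                    response
                    remove
                    name X-Application-Context
                }
            }
            ordinal 1
        }
    }
    strategy /Common/first-match
}
```

With a first-match strategy only the first matching rule runs, so the ASM action and the header removals sit in the same rule here; if they are split across rules, the strategy has to allow all of them to match.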