Have some code. Share some code.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner
F5 Employee
F5 Employee

Problem this snippet solves:

Use the SharePoint iApp template to configure availability, encryption, security, and remote access for Microsoft SharePoint 2010 and 2013. This template will configure the BIG-IP Local Traffic Manager (LTM) module, the Access Policy Manager (APM), the Application Acceleration Manager (AAM), the Advanced Firewall Manager (AFM), as well as Application Security Manager (ASM) for SharePoint deployments.

For detailed instructions for using this iApp template and configuring your SharePoint Server environment see the SharePoint deployment guide at

You must use this F5 release candidate iApp template (v1.2.2rc2), available as an attachment on this page, if you want to use BIG-IP Application Security Manager (ASM) in your deployment. If you try to use a previous version of the template with ASM, you receive an error. There are no other changes to this version of the iApp.

This F5 release candidate iApp template (v1.2.2rc1), available in the iApp package on in the RELEASE_CANDIDATE directory, contains no new features, but includes the fix for the troubleshooting entry "Why are users experiencing authentication issues after deploying the SharePoint iApp template?" on page 41. For guidance on downloading and importing the template, use the instructions in the deployment guide or in the solution referenced below.

Use this fully F5 supported template (v1.2.1) to configure your SharePoint 2010/2013 environment. You can find instructions for downloading the template at

Code :


Hi! We are trying the iApp template v1.2.2rc2, we want to select an existing ASM Security Policy, but we are not seeing it as the "Do you want to deploy BIG-IP Application Security Manager?" shows only LTM Policies with ASM enabled.


As we are checking, you can't create manually an LTM Policy with ASM enabled, they are automatically created when they are assigned to an ASM Security Policy in a Virtual Server...


So, is it possible to add to the iApp template the option to select ASM Security Policies, and not LTM Policies with ASM enabled?


As a workaround, we are creating a fake temporary VS with the required ASM Security Policy enabled, then we are creating the iApp selecting the LTM Policy with ASM enabled that was automatically created by the fake VS, and finally we are removing the fake VS.... so hard 😞




Historic F5 Account

Hi Franco, you must create the ASM policy and then reference it in the LTM policy's rules. Once you do that, the ASM-enabled LTM policy should appear in the iApp drop-down.



Hi, as we are trying, 12.1.2 doens't support create an LTM Policy with a rule enabling ASM...


Historic F5 Account

Hi, it absolutely does. I am looking at a 12.1.2 BIG-IP with an ASM-enabled LTM policy:

[azureuser@newscript-waf0:Active:In Sync] config  tmsh list ltm policy F5waf-ltm_policy
ltm policy F5waf-ltm_policy {
    controls { asm }
    last-modified 2017-08-07:02:11:44
    requires { http }
    rules {
        default {
            actions {
                0 {
                    policy /Common/F5waf-linux-medium-security_policy
            ordinal 1
    status legacy
    strategy first-match

[azureuser@newscript-waf0:Active:In Sync] config  cat /VERSION
Product: BIG-IP
Version: 12.1.2
Build: 1.34.271
BaseBuild: 0.0.249
Edition: Engineering Hotfix HF1
Date: Thu May 11 22:29:29 PDT 2017
Built: 170511222929
Changelist: 2224035
JobID: 840061
Version history
Last update:
‎16-Nov-2015 15:29
Updated by: