AltostratusHI ASM experts, I am seeing traffic getting blocked due to the "Illegal cookie length violation" . System configured: 8192 bytes, received 8452. I am running 11.5.1 HF7. I tried to increase the cookie length by going to the policy and selecting advanced, BUT it gave me an error that the max allowed is 8192 bytes. What is the work around for this? This seems to be a legit GET request.
CirrusHi,
8192 bytes is the default length, not the max allowed in general.
I will try it on my lab and give you a feedback
Cirrus
NacreousHi,
8192 bytes is the default length, not the max allowed in general.
I will try it on my lab and give you a feedback
Nacreous
Nacreous8192 Is indeed the maximum and I think you only have 2 workarounds - disable the violation, or write a custom iRule. Disabling the violation itself would probably make the most sense here.
Go to policy blocking settings, and un-tick the 'learn/alarm/block' boxes under
Illegal cookie length
NimbostratusWhat about 2048 bytes
Nacreous@MSZ - Can't understand the question
Nimbostratuswhen I created the ASM policy longtime back I didn't notice the value of Max. cookie header length (It comes on Policy properties page). As per documentation it is any by default. But in my case I am able to see the value like 2048. I want to know how this value comes and where ?
Nimbostratus8192 Is indeed the maximum and I think you only have 2 workarounds - disable the violation, or write a custom iRule. Disabling the violation itself would probably make the most sense here.
Go to policy blocking settings, and un-tick the 'learn/alarm/block' boxes under
Illegal cookie lengthWhat about 2048 bytes
Nimbostratus@MSZ - Can't understand the question
Nimbostratuswhen I created the ASM policy longtime back I didn't notice the value of Max. cookie header length (It comes on Policy properties page). As per documentation it is any by default. But in my case I am able to see the value like 2048. I want to know how this value comes and where ?