F5 ASM - Compact Learning
Hi, I have configured a manual policy with the Compact learning for parameters but it doesn't add parameters to the list. However, wildcard parameter is changed with suggestions. I think it's working like Never (Wildcard Only) learning, why? On the other hand, I've read in K74535942 that the policy must include the following: Most commonly used entities Disallowed file types Top-level URLs, such as /abc/* https://support.f5.com/csp/article/K74535942 How can I include these requirements in the security policy? Thanks, best regards.
Need- F5 webserver for to setup own lab (not LAMP server in the partner portal)
Hi Team / Experts, Anyone please share me the F5 webserver(backend server) which is used to setup F5 official lab for training. I got lamp server from f5 partner portal, but i want to setup same F5 training lab in my home to prepare and practice with F5 official training material. It would be more helpful if anyone guided me or share me those official lab setup with webserver(backend server). Thanks, RK
TCL error: _cgc_pick_clientside
Hi, in an ASM-LTM (Perimeter) Setup I see frquently the following logs: ***err: tmm3[19962]: 01220001:3: TCL error: _cgc_pick_clientside - unknown cgc sni: f5-bei1.xxxx.xx (line 49) invoked from within "CGC::sni $tls_servername"*** Any idea what this TCL error causes? The clientssl is quite Basic: one certificate chain, no Server Name set. Thanks, Rolf
Bypass the character for Evasion technique Detected violation
Hi, I need help to bypass or allow %", character which has triggered the Detection violation(Bad unescape) in JSON POST Data. This is legitimate request and i don't see this request on learning suggestion. I am able to find with the help support ID provided by user under the event logs.ASM Policy in "Blocking" Mode switch to "Transparent" for some IP's
I have a policy that I need to switch to blocking but the business want to have a phased approach. Only the testing team should be in Blocking, while the rest of the business (a different IP range) remains in transparent. I need to keep the same policy so that I can "proof" that everything is running fine. Is there a method to do that ? Was thinking about an iRule but dont know how. I know how to disable ASM with an iRule but, that's something I don't want because I need to keep the learning suggestions. Bye St.
