http ssl-persistence
1 Topic
remove "requires { http ssl-persistance }" from policy
Whenever I create a policy it adds it's own, default configuration snippets in the config. The one that gives me trouble is: requires { http ssl-persistence } When the policy is created, but only conditions are defined the code looks like this: ltm policy test_policy { last-modified 2019-07-12:05:56:41 partition mnp_325-ssn requires { ssl-persistence } rules { a-sni23-routing-8004 { conditions { 0 { ssl-extension ssl-client-hello server-name values { example.url } } } } } status draft strategy /Common/first-match but the moment any actions are attached the "http" is added to the "required" line: ltm policy test_policy { controls { caching } last-modified 2019-07-12:05:59:13 partition mnp_325-ssn requires { http ssl-persistence } rules { a-sni23-routing-8004 { actions { 0 { cache enable } } conditions { 0 { ssl-extension ssl-client-hello server-name values { example.url } } } } } status draft strategy /Common/first-match } I've tried removing the required part with modify and edit commands, however once saved the part was always put back in the configuration. Chances are I've been doing something wrong here, commands I tried were: modify ltm policy test_policy - require delete { http } - require delete { http ssl-persistence } - require non I also tried to edit the policy and delete the http part. After I saved the config or just exited it was back there again. Perhaps this is where I'm doing something wrong... This results in http profile being required in the VIP that the policy is attached to. And the http profile is causing some issues with my customer. Now I know this is possible, because this is one of the profiles I found (on other partition) for the same customer: ltm policy p-sni25-routing-443 { controls { forwarding } last-modified 2019-06-06:08:06:12 partition mnp_233-dmz requires { ssl-persistence } rules { rule_1 { actions { 0 { forward ssl-client-hello select pool p-sni25-p-7000 } } conditions { 0 { ssl-extension ssl-client-hello server-name values { example.url } } } } The above code was modified at some point of time by my colleague (it had the same issue) who now suffers from selective long term memory losses (selective only to this action) and is unable to help more 😞Solved579Views0likes5Comments