Forum Discussion
Chris_Grant
Feb 15, 2016Employee
If you are applying global rules they you need to modify the global-network logging profile to log to your intended destination. I know that we generally advise against modifying default profiles, but in this case it is the only way to log rules that are applied in a global context. Creating a child profile with global-network as the parent will not work.
Bear in mind that the AFM still requires a valid TMM listener to handle the traffic after it passes the firewall. BigIP is a default deny device and will not pass traffic unless configured to do so.