Forum Discussion

kkarim's avatar
kkarim
Icon for Nimbostratus rankNimbostratus
Jul 03, 2023
Solved

Big-IP add one Allowed Methods to an ASM Security Policy using the command line

Hello everyone 😀 I'm trying to finish my Big-IP setup with tmsh command line whithout any config modification on the Big-IP GUI. I was able to find in the Big-IP documentation everything that I ne...
application delivery
security
  • whisperer's avatar
    whisperer
    Jul 03, 2023

    There may be a *better* way to do this actually. Why not use a test Virtual Server or a test virtual F5 instance to generate the ASM policy. That way, you can export it as XML or PLC and maintain a 'golden config' in a repo such as GitHub. You can then automate the import of this file 😕 Saves quite a bit on the TMSH commands, and you dont have to worry if the modification of a component has not been implemented. Please see the following:

    https://my.f5.com/manage/s/article/K00571548#export

    Just another way of solving this issue, and working around quite a few potential road blocks 😉

whisperer's avatar
whisperer
Icon for MVP rankMVP
Jul 03, 2023

There may be a *better* way to do this actually. Why not use a test Virtual Server or a test virtual F5 instance to generate the ASM policy. That way, you can export it as XML or PLC and maintain a 'golden config' in a repo such as GitHub. You can then automate the import of this file 😕 Saves quite a bit on the TMSH commands, and you dont have to worry if the modification of a component has not been implemented. Please see the following:

https://my.f5.com/manage/s/article/K00571548#export

Just another way of solving this issue, and working around quite a few potential road blocks 😉