Problems with WAF wizard

[Michael B]

Hi all, I'm trying to run the WAF wizard to deploy basic security on public facing sites using signatures. Initially I would run in logging mode and not block, but I can't even get that far. I can manually update the Signatures, so they are current. The wizard never completes just spins and will not create a copy of signatures, any polices etc. The only item that gets created is a profile but no settings are configured. I'm running 13.1-49.15, Platinum license with the features enabled. Any thoughts or known issues with this firmware version?

I've already opened a case and waiting for them to investigate further.

Thanks.

[Akhil Nair]

@Michael B​ - I tried this internally but did not face this issue. Besides, we haven't come across any known issues around the WAF wizard for 13.1-49.15 builds. Could you please raise a support ticket as I feel more info might be required to troubleshoot this?

[Michael B]

Thanks for the response. I already have a support ticket open, and the support technician confirmed the behavior and asked for a support bundle which is uploaded. Still have not heard back from him.

I did notice there are some syslog messages getting sent from the instances with the following errors:

"Failed to download mapping file from: https://s3.amazonaws.com/NSAppFwSignatures/SignaturesMapping.xml "

WARNING

Event:Message

Module:APPFW

Type:nsvpx

Nov 10 2023 08:59:11

"Failed to parse Signatures mapping file: '/nsconfig/waf_signatures/SignaturesMapping.xml' "

WARNING

Event:Message

Module:APPFW

Type:nsvpx

It would initially seem like something was blocking access to the AWS source for the signatures, but I am able to manually force the update with no errors. I have tried to review our network logs for any blocks like that and have not found any.

[Akhil Nair]

Sounds good. It would be easier for us to once support gets back to the engg team so we can troubleshoot the issue further.