Communication Error with Application Firewall "aslearn" Process After Upgrade to NetScaler 11.0

Description

After upgrading NetScaler from version 10.5-58.11 to 11.0-62.10, the WAF feature behavior has changed. We see that the Content-Type Security Check is blocking every traffic, hence we unchecked the "block" action. Then, we saw in the appfw statistic that Field Formats were blocked as well.

Resolution

To resolve this issue delete the profile database and then restart the aslearn process.
After this we can see that the settings in profile were opening properly and we could see the learned data displayed there.

Problem Cause

The database for the Application Firewall profile was corrupted due to which aslearn module was unable to connect to it and retrieve the data.

Oct 6 09:14:27 <local0.info> XXX.0.0.2 10/06/2015:07:14:27 GMT VPXExtProd01 0-PPE-0 : default GUI CMD_EXECUTED 1670370 0 : User John Doe - Remote_ip XXX.19.XXX.XXX - Command "show appfw learningdata WebPub_vs_af_1 startURL" - Status "ERROR: Communication error with aslearn"

Issue/Introduction

After upgrading NetScaler from version 10.5-58.11 to 11.0-62.10, the WAF feature behavior has changed. We see that the Content-Type Security Check is blocking every traffic, hence we unchecked the "block" action. Then, we saw in the appfw statistic that Field Formats were blocked as well.

Welcome to "KB Articles"