May 18, 2017

Active Passive WAF behave differently.

I am very new to the F5 BIG-IP firewall (WAF). Recently I faced a problem: one application of mine doesn't respond when the active WAF becomes inactive, that is, when the other WAF takes ownership. In the web console I found that both are in sync. I checked the audit log and found some errors which are also unknown to me. I can't add the audit log as I couldn't find how to add the log.


Waiting for help.


  • You probably haven't enabled the sync for ASM, but let me explain how it works first.


    Even if LTM is not provisioned, your unit will have LTM and ASM working. The active/standby configuration is part of the basic system, so we can say that it is LTM. Then you have the virtual server where you apply the ASM policy; the virtual server is definitely LTM configuration.


    So you need to set up the HA pair so LTM configuration is synced between the units, but that will not sync the ASM. To sync the ASM you have to indicate which device group to use.


    In 13.0.0, you have to go to:


    Security > Options > Application Security > Synchronization > Application Security Synchronization