Active/Active HA Setup

Question

I have a question regarding HA Setup with Active/Active Setup.

I want to perform sync in both devices without affecting the configured routes of Both F5. Do you have an idea how could I do it? I'm trying to configure it in an F5 VE AWS environment.

stephanmanthey · Answer

There is a way to put configuration objects (i.e. virtuals, pools,profiles) and file objects (i.e. certs/keys) into folders.
You would run your BIG-IPs not in a sync-failover device group, but in a sync-only device group.
To create the folder you might follow this example:
tmsh create sys folder allsites_synconly \
device-group devgroup_sync-only_all-sites \
traffic-group none
tmsh save sys config partitions all
Objects like certificates may be imported/assigned to a folder like this:
tmsh create sys file ssl-key allsites_synconly/cert_service.bit \
source-path file:/shared/service.bit/service.bit.key
tmsh create sys file ssl-cert allsites_synconly/cert_service.bit \ source-path file:/shared/service.bit/service.bit.crt

If you prefer using the TMUI, don´t forget to put the folder always in front of your objekt name, i.e.:

&nbsp;
&nbsp;

Forum Discussion

Active/Active HA Setup

1 Reply

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Want to understand BigIP F5 LB Active/Active setup

Four Active/Active load balancing examples with F5 BIG-IP and Azure Load Balancer

Active Cyber Defense - background and timeline

Azure Active Directory and BIG-IP APM Integration

GPS spoofing, 16 billion passwords exposed, Operation RoundPress, and Active Cyber Defense

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS