Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Madhukara_33449's avatar
Madhukara_33449
Icon for Nimbostratus rankNimbostratus
Sep 25, 2017

Advice: Best practises for LTM+ASM

Hi,   Im New to F5, need your help with the best practices for LTM+ASM HA configuration   Current Setup details:   Hardware: i5800 X 2 devices . Virtual Guests created on both the Physical...
application delivery
ASM Advanced WAF
LTM
Jad_Tabbara__J1's avatar
Jad_Tabbara__J1
Icon for Cirrostratus rankCirrostratus
Sep 25, 2017

Hey Madhukha,

 

To setup the HA in a Active/Standby mode follow these steps :

 

Note: You must perform this task locally on each device in the device group.

 

  • Specifying an IP for "config sync" & for "connection mirroring"

"Device Management > Devices" => choose the local device

 

From "Device Connectivity" menu, choose "ConfigSync" => F5 Networks recommends that you use the default value, which is the self IP address for the internal VLAN. This address must be a non-floating (static) self IP address and not a management IP address.

 

From "Device Connectivity" menu, choose "Mirroring" => The recommended IP address is the self IP address for either VLAN HA or VLAN internal.

 

  • Establishing device trust

"Device Management > Device Trust" then "Peer List" or "Subordinate List" Click Add

 

  • Creating a Sync-Failover device group

"Device Management > Device Groups" click "Create"

 

  • Specifying IP for failover communication

"Device Management > Devices"

 

From "Device Connectivity" menu, choose "Failover Network" => Failover Unicast : preferably VLAN HA and the static management IP address

 

Hope it helps

 

Regards