ASM block all whitelisted urls and parameters in standby device

Question

ASM block all whitelisted urls and parameters in standby device and it allow them in active device. if i faliover to standby device my website doesnt work. where it's working fine if i failover back to my active device.i have checked the number of whitlisted url and parameters in both devices and they are same. i have tried to check the sync so i have created security policy (test_policy) in active device with transpernet mode , and then i have checked the standby device and (test_policy) exist but in blocking mode not trasperent. i don't know why it has been changed.Also, i have created security policy (test_policy2) in active device with blocking mode , and then i have checked the standby device and (test_policy2) exist but in blocking mode too. it's remain as it is.while i'm checking learning and blocking settings in both devices, i noticed that, the default microservices is transpernt in active device and the default microservices is blocking in standby device i don't know if this the issue.I have checked asm logs in standby device and i find sth like the below:ASM subsystem error (asm_config_server.pl,F5::ASMConfig::Handler::log_error_and_rollback): Expected size of /ts/var/sync/sync_xxxxxxxxx__full_update (256769544) does not match actual size (139853824)&nbsp;ASM subsystem error (asm_config_server.pl,F5::ASMConfig::Handler::spawn_relay_handler): Error during 'sync_receive_file_part' while in sync recovery state. Giving up. State may be inconsistent with other peers.kindly advice.

nikoolayy1 · Accepted Answer

Have you followed article https://support.f5.com/csp/article/K12200102
&nbsp;
You also do a full sync to clear any issues:
https://support.f5.com/csp/article/K63470472
&nbsp;
Also sometimes the incremental cache of 1024 for incremental sync needs to be increased to 2048 for example to stop such issues:
&nbsp;
https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/big-ip-device-service-clustering-administration-14-0-0/05.html
&nbsp;
I would also suggest to check the F5 bug tracker and release notes and to upload a qkview to ihealth for your error as your version may have some bug like an asm bigip process for example the&nbsp;asm_config_server needing a restart with bigstart&nbsp; (https://support.f5.com/csp/article/K9073) etc.
&nbsp;
bug Tracker:
&nbsp;
https://support.f5.com/csp/bug-tracker?sf189923893=1
&nbsp;
example release notes:
&nbsp;
https://techdocs.f5.com/kb/en-us/products/big-ip_ltm/releasenotes/related/relnote-supplement-bigip-15-1-4.html
&nbsp;
F5 ihealth:
https://www.f5.com/services/training/free-training-courses/getting-started-with-big-ip-ihealth
&nbsp;
&nbsp;
Just as a security note your policy being in trensperant mode on the active device is normal for the F5 device to not block the traffic but this means that you had a security risk till now so just to know that! Better clear the false positives and make the policy to be in blocking on the active and standby devices:
&nbsp;
https://support.f5.com/csp/article/K70544352

Forum Discussion

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

ASM attack signatures not syncing between active and standby F5

Query on source IP preservation for syslog traffic through F5 virtual server

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

VPN Communication Error with F5 BIG-IP Edge Client

simultaneous disabling / enabling of all LTM objects

Related Content

Brute Force protection for single parameter like OTP

F5 BGP Peering in Active /Standby Cluster

Global Blacklist or Whitelist

F5 Active Standby Node Configuration

Wildcard Parameter signature attack