Questions on device trust

Devices have to be on the same software version and need to have correct sytemtime.

In general, device trust itself does not usually need to be manually re-established just because of a software upgrade.

What I normally see is that with a small version mismatch, active/standby failover may still stay up over the failover network, but config sync and mirroring are often unavailable until both devices are on the same version. Once both sides are upgraded to a supported matching version, those HA functions typically come back and the devices reconnect normally.

So for your second question, I’d say device trust is usually re-established automatically when the trust relationship is still intact and the temporary version mismatch is removed.

If trust itself was broken or corrupted, that is a different case, and you may need to rebuild trust manually rather than waiting for it to recover on its own

https://my.f5.com/manage/s/article/K20137641

Hi InquisitiveMai​ 

During software upgrades, re-establishing device trust is not required.

Rebuilding device trust is typically needed in scenarios such as changes to the management IP or hostname (on one or both units), hardware replacement (RMA), or during HA-related issues.

Hope it helps!