Security Policy not syncing between devices

Question

&nbsp;Greetings,A few days ago, I had to perform a security update and observed a discrepancy in the synchronization of security policies between the two high-availability (HA) devices. To illustrate, a security policy that appeared transparent on the active device was found to be blocking when the standby device took over. The disparity extended beyond just the enforcement mode; even the rules differed, resulting in the unintended blocking of legitimate traffic.&nbsp;I mention that "Application Security Synchronization" is enable for the device group.Software version is:&nbsp;15.1.10.2

m_saeed · Accepted Answer

buzzkilleryou could follow this up as hereunder and let me know if it is fixed or not.
1- make sure to create a new device group "sync-only", you could create it sync automatically or manually

2- then assign it under Security ›› Options : Application Security : Synchronization : Application Security Synchronization
3-and repeat applying sync on it.

4- After making sure syncing with that approach, try again to set WAF sync back to "datasync-global-dg" not your created sync-only group.

-> it would be resolved

nikoolayy1 · Answer

There are a lot of bugs about this&nbsp;Bug Tracker | MyF5&nbsp;. I think that you have to switch between groups and test the&nbsp;M_Saeed&nbsp;solution.

buzzkiller · Answer

Thank you! It worked 😁

Forum Discussion

Security Policy not syncing between devices

3 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Using ChatGPT for security and introduction of AI security

Auditing Security Policy Updates

HTTP Multipart and Security Implications

Sync-failover group doesn't sync properly

Minimizing Security Complexity: Managing Distributed WAF Policies