Forum Discussion

buzzkiller's avatar
buzzkiller
Icon for Altostratus rankAltostratus
Nov 13, 2023
Solved

Security Policy not syncing between devices

 

Greetings,

A few days ago, I had to perform a security update and observed a discrepancy in the synchronization of security policies between the two high-availability (HA) devices. To illustrate, a security policy that appeared transparent on the active device was found to be blocking when the standby device took over. The disparity extended beyond just the enforcement mode; even the rules differed, resulting in the unintended blocking of legitimate traffic. 

I mention that "Application Security Synchronization" is enable for the device group.

Software version is: 15.1.10.2

  • buzzkilleryou could follow this up as hereunder and let me know if it is fixed or not.
    1- make sure to create a new device group "sync-only",  you could create it sync automatically or manually

    2- then assign it under Security ›› Options : Application Security : Synchronization : Application Security Synchronization
    3-and repeat applying sync on it.
    4- After making sure syncing with that approach, try again to set WAF sync back to "datasync-global-dg" not your created sync-only group.
     
    -> it would be resolved
     
     



3 Replies

  • buzzkilleryou could follow this up as hereunder and let me know if it is fixed or not.
    1- make sure to create a new device group "sync-only",  you could create it sync automatically or manually

    2- then assign it under Security ›› Options : Application Security : Synchronization : Application Security Synchronization
    3-and repeat applying sync on it.
    4- After making sure syncing with that approach, try again to set WAF sync back to "datasync-global-dg" not your created sync-only group.
     
    -> it would be resolved