Forum Discussion
Security Policy not syncing between devices
Greetings,
A few days ago, I had to perform a security update and observed a discrepancy in the synchronization of security policies between the two high-availability (HA) devices. To illustrate, a security policy that appeared transparent on the active device was found to be blocking when the standby device took over. The disparity extended beyond just the enforcement mode; even the rules differed, resulting in the unintended blocking of legitimate traffic.
I mention that "Application Security Synchronization" is enable for the device group.
Software version is: 15.1.10.2
buzzkilleryou could follow this up as hereunder and let me know if it is fixed or not.
1- make sure to create a new device group "sync-only", you could create it sync automatically or manually2- then assign it under Security ›› Options : Application Security : Synchronization : Application Security Synchronization
3-and repeat applying sync on it.4- After making sure syncing with that approach, try again to set WAF sync back to "datasync-global-dg" not your created sync-only group.-> it would be resolved
There are a lot of bugs about this Bug Tracker | MyF5 . I think that you have to switch between groups and test the M_Saeed solution.
- M_SaeedCirrus
buzzkilleryou could follow this up as hereunder and let me know if it is fixed or not.
1- make sure to create a new device group "sync-only", you could create it sync automatically or manually2- then assign it under Security ›› Options : Application Security : Synchronization : Application Security Synchronization
3-and repeat applying sync on it.4- After making sure syncing with that approach, try again to set WAF sync back to "datasync-global-dg" not your created sync-only group.-> it would be resolved- buzzkillerAltocumulus
Thank you! It worked 😁
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com