THE_BLUE
Apr 05, 2022 Cirrostratus
WAF failover
What is the reason behind the active WAF going standby? Is there anything I have to check to know the reason? I mean, do I have to check size, connection, or what exactly?
Hi THE_BLUE,
there is a whole knowledge base article on AskF5 for diagnosing failover events:
K95002127: Troubleshooting BIG-IP failover events
KR
Daniel
Dear @Daniel
Many thanks, highly appreciated.
My active device is device 1, and my website is working fine. When auto failover happened, the active device (device 1) became standby and the traffic goes to the active device (device 2), but my website does not work. It displays a blank page only. When I force device 2 to become standby and device 1 to become active, my website works well.
So what do I have to check in this case? Note that both devices are in sync.
You need to check for illegal/blocked requests, if any, after failover.
Both devices should be in sync after any changes are made to ASM policies.
Yes, there is a block in the event logs, but both devices have the same number of URLs/parameters and so on. How do I check ASM sync?
Really silly questions.
But what do your health monitors say on each part of the cluster?
What happens if you disable the WAF profile on device 2 (now active)?
Are you sure it's the WAF profile?
Both BIG-IPs do health monitors in their own right.
Other than that, ASM sync would be my next thing to check, also ensuring your failover sync is set up correctly. (Check the advanced settings just to make sure.)
It seems the issue is with ASM. How do I check ASM sync? Because both devices have the same number of URLs and parameters listed?!
https://support.f5.com/csp/article/K68104353 - check this KB
Also, you may try disabling the DoS/Bot or other profiles applied, one by one, and test.