Syncing F5 APM Policies Across Cloud Regions or Datacenters

In a previous article, I discussed the syncing of F5 ASM policies across BIG-IP instances stretching separate datacenters or different cloud regions. This use case was extremely useful to me when dep...
Published Jan 04, 2019
Version 1.0
application delivery
BIG-IP
BIG-IP Access Policy Manager (APM)
Steve_Lyons's avatar
Steve_Lyons
Ret. Employee
Jan 04, 2019

Amolari, thanks for the feedback. Yes, you are correct.

 

Understanding policy sync device group setup for Active-Standby pairs To add devices to a device group, all devices must belong to the same local trust domain. If you want to sync access policies with a device that does not belong to the local trust domain, but also belongs to a Sync-Failover group, you must reset the trust between the devices and remove them from the Sync-Failover device group. (For more information, see BIG-IP® Device Service Clustering: Administration on the AskF5™ web site located at http://support.f5.com/.)

 

After you establish device trust between your BIG-IP system and the devices, you can add them to a Sync-Failover group again.