Bug ID 537213: Second push is required after deactivating Active Security Policy and Sync flag indicates "In Sync" status

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Opened: Aug 03, 2015

Severity: 3-Major

Symptoms

Changes made to security policies are not synced to peer. The sync status says "In sync" but the policy changes have not been made.

Impact

Changes are not propagated to the other devices in the sync-only device group, yet the sync status says it is in sync (the sync-failover group will say changes are pending). If you perform a second sync, the changes are pushed to the other devices.

Conditions

This occurs when making changes to security policies with policies on each device in a sync-only ASM device group.

Workaround

Performing a second sync will push the changes to the other devices.

Fix Information

None

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips