APM Policy Sync
Good Day everyone !!
We have F5's deployed at 4 DC's in active/standby mode so total of 8 devices , we are using Access Policy Module for Remote access VPN solution.This was designed by our engineering team and I'm trying to understand the setup of auto-sync policy because recently it was found that sync was not happening properly.
When i checked we have 3 Device Groups 1) Contains all the 8 F5's , sync-only and Full Sync checked so this is Manual (Not sure for what purpose?) 2) contains all the 8 F5's , sync-only , Automatic Sync & Full Sync checked (this is intended for APM policy sync) 3) Contains 2 F5's local box and its redundant pair , sync-Fail over , Automatic Sync checked (This is for Active/standby setup)
I'm trying to understand how the APM policy is getting synced automatically ? For example if i made a change to the policy in one box do i need to login to all the other three boxes and apply the policy manually ? does auto sync in APM means only the data is getting transferred and we need to apply the policy? or its done automatically as well?
Also i heard something like this from my Architect which i couldn't understand "There three different types configuration synchronization on F5 devices, TMOS, DNS, APM policy. The APM policy configuration synchronization uses the TMOS config sync only to transfer data to the redundancy active device. Once the active receives the updated APM policy it has to successful load the policy before the standby device will receive the updated APM policy."
Thank you for your patience ! Hoping to get a reply :)
Murali.