User Tools

Site Tools


f5_bigip:f5_general

F5 General

Installation First Steps

Login: root
Password: default

# config

(change management IP)

or via tmsh:

tmsh
modify sys global-settings mgmt-dhcp disabled
create /sys management-ip 192.168.17.231/255.255.255.0
create /sys management-route default gateway 192.168.17.254

From <https://support.f5.com/csp/article/K15040> 

Use Browser to connect

Ping and telnet within Route Domains

Option 1:
# ping <IP>%<RD>

Example:
# ping 192.168.22.56
PING 192.168.22.56 (192.168.22.56) 56(84) bytes of data.
^C
--- 192.168.22.56 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4004ms

# ping 192.168.22.56%5
PING 192.168.22.56%5 (192.168.22.56%5) 56(84) bytes of data.
64 bytes from 192.168.22.56%5: icmp_seq=1 ttl=64 time=0.014 ms
64 bytes from 192.168.22.56%5: icmp_seq=2 ttl=64 time=0.032 ms
64 bytes from 192.168.22.56%5: icmp_seq=3 ttl=64 time=0.014 ms
^C
--- 192.168.22.56%5 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2001ms


Option2:
Change to Route Domain Shell. No need to add %<RD> behind ping

# rdsh 5
# ping 192.168.22.56
PING 192.168.22.56 (192.168.22.56) 56(84) bytes of data.
64 bytes from 192.168.22.56: icmp_seq=1 ttl=64 time=0.015 ms
64 bytes from 192.168.22.56: icmp_seq=2 ttl=64 time=0.016 ms
64 bytes from 192.168.22.56: icmp_seq=3 ttl=64 time=0.038 ms
^C
--- 192.168.22.56 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.015/0.023/0.038/0.010 ms

# ping 192.168.22.56%5
PING 192.168.22.56%5 (192.168.22.56%5) 56(84) bytes of data.
64 bytes from 192.168.22.56%5: icmp_seq=1 ttl=64 time=0.016 ms
64 bytes from 192.168.22.56%5: icmp_seq=2 ttl=64 time=0.017 ms
64 bytes from 192.168.22.56%5: icmp_seq=3 ttl=64 time=0.017 ms
^C
--- 192.168.22.56%5 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.016/0.016/0.017/0.004 ms

# exit

26 February 2016 10:57

Headline

tmsh list cm device configsync-ip

cut&paste config

In tmsh:

load sys config from-terminal merge

You can paste config at that point. Use ^D to submit what was pasted, ^C to cancel.

tcpdump

https://support.f5.com/csp/article/K6546

1) Packet capture only works in root domain
2) use exit if not in root domain, don't do rdsh 0 within non-root domain ex. don’t do rdsh 5, than rdsh0 - capture won't work. 
3) interface 0.0 seems to be the 'magic' interface.


tcpdump -s 1500 -ni 0.0 dst host 10.29.64.230 or src host 10.29.64.230
tcpdump -w /var/tmp/appgw.cap -s 1500 -ni 0.0 dst host 10.29.64.230 or src host 10.29.64.230

curl -v https://gateway.example.com/  --user Testuser
Enter host password for user 'Testuser':
*   Trying 1.2.3.4...
* Connected to gateway.example.com (1.2.3.4) port 443 (#0)
* found 173 certificates in /etc/ssl/certs/ca-certificates.crt
* found 692 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* SSL connection using TLS1.2 / ECDHE_RSA_AES_256_GCM_SHA384
*        server certificate verification OK
*        server certificate status verification SKIPPED
*        common name: gateway.example.com (matched)
*        server certificate expiration date OK
*        server certificate activation date OK
*        certificate public key: RSA
*        certificate version: #3
*        subject: C=GB,L=London,O=EXAMPLE,OU=IT-Dep,CN=gateway.example.com
*        start date: Wed, 19 Mar 2014 00:00:00 GMT
*        expire date: Fri, 19 Mar 2016 12:00:00 GMT
*        issuer: C=US,O=DigiCert Inc,OU=www.digicert.com,CN=Thawte RSA CA 2018
*        compression: NULL
* ALPN, server did not agree to a protocol
* Server auth using Basic with user 'Testuser'
> GET / HTTP/1.1
> Host: gateway.example.com
> Authorization: Basic 93JwUQpv51Bce8273HAbaew
> User-Agent: curl/7.47.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Content-Type: text/html
< Accept-Ranges: bytes
< Set-Cookie: MyCookie=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx;Path=/;Domain=gateway.example.com
< Date: Tue, 03 Jul 2015 11:23:11 GMT
< Content-Length: 123
<
<html>
<head>
 <title>
   MyApp - Not Authorised
 </title>
...
</head>
<body>
...
</body>
</html>
* Connection #0 to host gateway.example.com left intact


f5_bigip/f5_general.txt · Last modified: 2023/12/12 14:28 by 127.0.0.1

Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki