f5 LTM
f5 LTM
f5 LTM
Lab Guide
November, 2018
Legal Notices
Copyright 2018; F5 Networks; Inc. All rights reserved.
F5 Networks; Inc. (F5) believes the information it furnishes to be accurate and reliable. However; F5 assumes no responsibility for the use of this
information; nor any infringement of patents or other rights of third parties which may result from its use. No license is granted by implication or
otherwise under any patent; copyright; or other intellectual property right of F5 except as specifically described by applicable user licenses. F5
reserves the right to change specifications at any time without notice.
Trademarks
AAM, Access Policy Manager, Advanced Client Authentication, Advanced Firewall Manager, Advanced Routing, AFM, APM, Application
Acceleration Manager, Application Security Manager, AskF5, ASM, BIG-IP, BIG-IP EDGE GATEWAY, BIG-IQ, Cloud Extender, Cloud
Manager, CloudFucious, Clustered Multiprocessing, CMP, COHESION, Data Manager, DDoS Frontline, DDoS SWAT, Defense.Net,
defense.net [DESIGN], DevCentral, DevCentral [DESIGN], DNS Express, DSC, DSI, Edge Client, Edge Gateway, Edge Portal, ELEVATE, EM,
ENGAGE, Enterprise Manager, F5, F5 [DESIGN], F5 Agility, F5 Certified [DESIGN], F5 Networks, F5 SalesXchange [DESIGN], F5 Synthesis,
f5 Synthesis, F5 Synthesis [DESIGN], F5 TechXchange [DESIGN], Fast Application Proxy, Fast Cache, FCINCO, Global Traffic Manager,
GTM, GUARDIAN, iApps, IBR, iCall, iControl, iHealth, Intelligent Browser Referencing, Intelligent Compression, IPv6 Gateway, iQuery,
iRules, iRules OnDemand, iSession, L7 Rate Shaping, LC, Link Controller, LineRate, LineRate Point, LineRate Precision, LineRate Systems
[DESIGN], Local Traffic Manager, LROS, LTM, Message Security Manager, MobileSafe, MSM, OneConnect, Packet Velocity, PEM, Policy
Enforcement Manager, Protocol Security Manager, PSM, Ready Defense, Real Traffic Policy Builder, SalesXchange, ScaleN, SDAS (except in
Japan), SDC, Signaling Delivery Controller, Solutions for an application world, Software Designed Applications Services, Silverline, SSL
Acceleration, SSL Everywhere, StrongBox, SuperVIP, SYN Check, SYNTHESIS, TCP Express, TDR, TechXchange, TMOS, TotALL, TDR,
TMOS, Traffic Management Operating System, Traffix, Traffix [DESIGN], Transparent Data Reduction, UNITY, VAULT, vCMP, VE F5
[DESIGN], Versafe, Versafe [DESIGN], VIPRION, Virtual Clustered Multiprocessing, WebSafe, and ZoneRunner, are trademarks or service
marks of F5 Networks, Inc., in the U.S. and other countries, and may not be used without F5's express written consent. All other product and
company names herein may be trademarks of their respective owners.
Table of Contents
Lab 1 BIG-IP Administration.................................................................................................... 1
Lab 1A: Configure the Management Port.. ............................................................................................................2
Lab 1B: Set Up the BIG-IP System ........................................................................................................................6
Lab 1C: Create a UCS Archive of Your Configuration ........................................................................................ 11
This lab corresponds with the activities presented in Getting Started with
BIG-IP: Part 1 – Administration.
Lab Objectives
• Change the default passwords
• Use a PuTTY session to change the Management Port IP address and netmask
• Run the Setup utility and configure system access parameters
• Create a UCS archive of the BIG-IP system configuration.
• Create a qkview file, upload to BIG-IP iHealth for analysis, and review the diagnostics produced
Lab Requirements
You must have successfully completed the instructions entitled “Starting up the Lab Environment” in the
Getting Started Lab Introduction document.
At this point, your BIG-IP system is licensed and provisioned for the LTM module. The management
address is set to the default 192.168.1.245/24.
Enter the IP address 192.168.1.245 and port 22 as shown below and click Open.
2. When prompted to log into the BIG-IP system, authenticate with username root and password
default.
3. When prompted for (current) UNIX password: type default and enter.
4. Change the password for the root user account, as shown in the table below:
New Password f5trn1
Confirm f5trn1
5. At the Linux bash prompt (e.g. config #), enter the command: config
6. Start the utility by clicking the OK button.
Use the <Tab> key to tab between fields and options in the config tool.
Use the <Backspace> and/or <Delete> keys to remove field content.
Use the <Enter> key to select an option (such as “OK” or “Next”). You
can also select an option by moving the mouse cursor over a particular
option (such as “OK” or “Next”) and clicking.
If you make a mistake and want to quit, use the <Esc> key and answer
No to “Accept these settings?” You will return to the shell prompt where
you can enter the config command and try again.
7. On the Select Management IP Family Type panel, ensure the IPv4 option is highlighted, and
press the <Enter> key. (If the IPv4 option is not already highlighted, use the <Tab> key to tab to
it before pressing the <Enter> key.)
14. Click the X to close the PuTTY SSH session, and click Yes to confirm.
1. Click the Firefox Web Browser icon in the toolbar to access your BIG-IP system. (The icon
automatically opens a browser session to the BIG-IP system at https://192.168.1.31.)
2. When prompted, log in with a username of admin and with a password f5trn1.
In BIG-IP v14.0, when you change the root password as you did
previously, the admin account password is changed to the same
password, but it is also marked as expired.
When you log in as an admin for the first time, log in using the password
you set for the root account, and then change your admin password.
3. Change the password for the admin user account, as shown in the table below:
Current Password f5trn1
New Password f5trn1
Confirm f5trn1
When complete, click… Save
4. When prompted, log in with a username of admin and with a password of f5trn1.
5. In the Welcome screen, click the Next link to access the Setup utility.
6. On the subsequent Setup Utility » License page, review the features that have been licensed,
scroll down, and click Next.
Verify Provisioning
7. On the Resource Provisioning page of the Setup utility, verify your provisioning settings match
those listed in the table below. For these labs, the systems are already licensed and provisioned
for Local Traffic Manager.
8. After provisioning is complete, the Device Certificates page in the Setup Utility is displayed. We
will be using the BIG-IP system’s self-signed certificate in this lab. Note the expiration date for
the certificate. Click the Next button to continue.
9. In the General Properties section of the next page, configure general properties and
administrative access usernames/passwords. Some fields may already contain the correct values.
Leave the default values for the fields not mentioned in the table below.
10. Continue the Setup utility by performing a Standard Network Configuration. Click the Next
button under the Standard Network Configuration heading.
11. Accept these default settings to configure the Redundant Device Wizard Options, then click
Next.
Configure Self IPs, VLANs, and High Availability
12. Configure the internal network and internal VLAN by entering the following settings:
13. Next, configure the external network and VLAN by entering the following settings:
14. Configure the high availability network to use the existing VLAN internal.
15. Configure the BIG-IP system to synchronize its clock with an NTP server with an IP address of
172.16.20.1. Click Add and the Next button to continue.
16. Leave this page with its default settings, and click the Next button to continue.
Configure ConfigSync
17. Accept the default settings for ConfigSync configuration, as shown below:
18. Accept the default settings for Management Failover Unicast Configuration, Failover Unicast
Configuration and Failover Multicast Configuration, as shown below:
Configure Mirroring
19. Accept the default primary and secondary local mirror address settings for Mirroring
Configuration.
20. You have now configured the network interfaces required to support a standard BIG-IP
configuration.
21. Click the Finished button under the Advanced Device Management Configuration heading.
There should be a message at the top of the page indicating Setup Utility Complete.
Configuration Utility
Configuration Utility