Forum Discussion
Sep_111658
Nimbostratus
Dec 06, 2010enable/disable nodes on multiple F5 devices via single UI
Hi All,
I have a requirement to manage nodes on multiple F5 devices which are configured as an active-active infrastructure with active/passive redundency in each site. so essentially there are 4 F5 devices that are configured exactly the same (VIPS, pools, nodes, users). My team only has operator access without the Sync functionality, so you can see how hard it is to enable/disable nodes in this environment. we have to login to all devices and manually perform this operation.
I am using the following application and I would like to customise it so that it can enumerate a list of nodes from one of the F5 devices, and then carry out the enable/disable command on all load balancers in the stacks.
http://devcentral.f5.com/wiki/default.aspx/iControl/VirtualServerPoolMemberStatusAndControl.html
I have gone as far as reading the nodes in the tree view as well as add the option of "Force Offline" as Joes very usefull instructions, however having trouble with performing this process on multiple F5s.
As the username/passwork are the same on all the devices, user should be able to supply their credentials once, provide a comma seperate list of host ip addresses, and the tool should manage the rest.
I would really appreciate any advice on this as I am unable to find any information on this on the net.
Thanks heaps
Sep
- JG
Cumulonimbus
You mis-typed "ECDHE" in your SSL Server Profile.
- JG
Cumulonimbus
On v11.6.1, I get this:
tmm --serverciphers 'DEFAULT:!SSLv3:!ECDHE:!EDH' ID SUITE BITS PROT METHOD CIPHER MAC KEYX 0: 157 AES256-GCM-SHA384 256 TLS1.2 Native AES-GCM SHA384 RSA 1: 156 AES128-GCM-SHA256 128 TLS1.2 Native AES-GCM SHA256 RSA 2: 61 AES256-SHA256 256 TLS1.2 Native AES SHA256 RSA 3: 53 AES256-SHA 256 TLS1 Native AES SHA RSA 4: 53 AES256-SHA 256 TLS1.1 Native AES SHA RSA 5: 53 AES256-SHA 256 TLS1.2 Native AES SHA RSA 6: 53 AES256-SHA 256 DTLS1 Native AES SHA RSA 7: 60 AES128-SHA256 128 TLS1.2 Native AES SHA256 RSA 8: 47 AES128-SHA 128 TLS1 Native AES SHA RSA 9: 47 AES128-SHA 128 TLS1.1 Native AES SHA RSA 10: 47 AES128-SHA 128 TLS1.2 Native AES SHA RSA 11: 47 AES128-SHA 128 DTLS1 Native AES SHA RSA 12: 10 DES-CBC3-SHA 192 TLS1 Native DES SHA RSA 13: 10 DES-CBC3-SHA 192 TLS1.1 Native DES SHA RSA 14: 10 DES-CBC3-SHA 192 TLS1.2 Native DES SHA RSA 15: 10 DES-CBC3-SHA 192 DTLS1 Native DES SHA RSA
which does not include ECDHE at all.
For testing, you may specify just one "NONE:AES128-SHA256" and see if you still get the same message.
Recent Discussions
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects