F5 login banner - GUI/CLI

Question

Hello Team ,&nbsp;I would like to set the login banner , Can you please confirm if the below command works ? Will this applicable for both GUI nad CLI banner ?tmsh modify sys global-settings console-inactivity-timeout 900tmsh modify sys gui-security-banner-text "THIS IS A TEST MACHINE."tmsh modify cli global-settings idle-timeout 15&nbsp;&nbsp;

f5_design_engineer · Accepted Answer

Hi Sarovani,
For the command help that you have asked please see below
Task 1
tmsh modify sys global-settings console-inactivity-timeout 900Task 2
tmsh modify sys gui-security-banner-text "THIS IS A TEST MACHINE."Task 3
tmsh modify cli global-settings idle-timeout 15
So in general here are the options available for SYS GOBAL-Settings options
root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)# list sys global-settingsOptions:all-properties one-linenon-default-properties |Properties:aws-access-key&nbsp;aws-api-max-concurrencyaws-secret-key&nbsp;console-inactivity-timeout&nbsp;custom-addr&nbsp;description&nbsp;failsafe-actionfile-blacklist-path-prefixfile-blacklist-read-only-path-prefixfile-local-path-prefix&nbsp;file-whitelist-path-prefix&nbsp;
gui-audit gui-expired-cert-alert gui-security-banner gui-security-banner-text gui-setup host-addr-mode hostname hosts-allow-include lcd-display led-locator mgmt-dhcp
net-rebootpassword-promptquiet-bootremote-hostssh-max-session-limitssh-max-se
ssion-limit-per-userssh-root-session-limitssh-session-limitusername-prompt
TASK 1&nbsp;(IN TMSH Mode)
=======
tmsh modify sys global-settings console-inactivity-timeout 900
======
Please take ucs backup before making changes .
First use list command to note the default settings in case you need to rever back or for your history purpose
root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)# list sys global-settings console-inactivity-timeoutsys global-settings {console-inactivity-timeout 0}
The command you need in TMSH Mode
list sys global-settings console-inactivity-timeout
modify&nbsp; sys global-settings console-inactivity-timeout 900
Task 2&nbsp;(IN TMSH Mode) - This will apply onnly on the GUI
=======
tmsh modify sys gui-security-banner-text "THIS IS A TEST MACHINE."
Here you need to check 2 command that GUI Security Banner should be enabled if not you have to modify and make it enable also to use the second part of this command.
root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)# list sys global-settings gui-security-bannersys global-settings {gui-security-banner enabled}
root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)# list sys global-settings gui-security-banner-textsys global-settings {gui-security-banner-text "Welcome to the BIG-IP Configuration Utility.
Log in with your username and password using the fields on the left."}
Modify Command
root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)# modify sys global-settings gui-security-banner-text "THIS IS A TEST MACHINE"root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)#
Test /List again after changing banner
root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)# list sys global-settings gui-security-banner-text sys global-settings {gui-security-banner-text "THIS IS A TEST MACHINE"}

&nbsp;
TASK 3(IN TMSH Mode)
=========
tmsh modify cli global-settings idle-timeout 15
root@(F5-Design_Engg02)(cfg-sync Standalone)(Active)(/Common)(tmos)# list cli global-settings idle-timeoutcli global-settings {idle-timeout disabled}
list&nbsp;cli global-settings idle-timeout
tmsh modify cli global-settings idle-timeout 15&nbsp;
So leftover task is to set a Banner for pre login and post login on CLI please refer the following 2 articles
a pre-login or post-login message banner for the BIG-IPhttps://my.f5.com/manage/s/article/K6068
Configure an advisory banner for the BIG-IP systemhttps://my.f5.com/manage/s/article/K42313219
Hope this helps
🙏

&nbsp;
&nbsp;

Forum Discussion

F5 login banner - GUI/CLI

2 Replies

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

IPv8 Would Fix My Routing Tables. It Will Never Ship.

Recent Discussions

Related Content

Should config via cli rather than gui?

Bypass Azure Login Page by adding a login hint in the SAML Request

Easter Egg: BIG-IP Advisory Banner

Insufficient permissions BIG-IQ login error

Bypass Azure Login Page with OAuth login_hint on F5 BIG-IP APM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS