Forum Discussion

P_Shepherd_1790
Apr 28, 2015

gtm_add fails on SSH connection

BIG-IP running 11.5.1 HF8

When creating a GTM failover pair the process falls down when I run the gtm_add on the secondary unit.

    ssh: connect to host 10.10.22.2 port 22: Connection refused
    ERROR: Can't read remote cert via /usr/bin/ssh.

The Big-IPs have three interfaces: Management, HA and External.

I want to set up the GTM pairing between the External interfaces, as this is also the interface that will be used for the connection between the datacentres.

I can ping the IP address.

I can SSH to the other two interfaces.

SSH is allowed and all IP addressing is allowed. But when I try to SSH from one to the other on the External interface the connection is refused.

    sys sshd {
        allow { ALL }
        banner disabled
        banner-text none
        description none
        inactivity-timeout 0
        include none
        log-level info
        login enabled
    }

The only hardware between the two devices is a switch stack.

  • Check the Self-IP configuration for the external interface/VLAN and confirm what the Port Lockdown setting is.

  • Thank you What Lies Beneath.

    Didn't spot that the Port Lockdown was set to allow none.

    Change it to Allow Default and success.

  • If your username is logged to tmos shell (which I guess is appliance mode), you can use username "root" to add LTMs to GTM. Root is presented with bash shell instead of tmos. For redundant LTM systems, you have to add each unit separately to GTM. I have tested this with bigip_add command.
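
The Port Lockdown cause found in this thread can also be checked from the command line. The following is an added example, not part of the original posts: a bash function that reads `tmsh list net self` output and reports, per self IP, whether Port Lockdown (`allow-service`) permits SSH. The self IP names, the 10.10.21.2 and 10.10.23.2 addresses, the /24 masks and the sample text are constructed, and the service spellings `tcp:ssh` / `tcp:22` are an assumption about how a custom list is displayed.

```shell
#!/bin/bash
# Added example: audit self IP Port Lockdown for inbound SSH (needed by gtm_add).
# Input: text in the style of `tmsh list net self`. Output: "name address verdict".
selfip_ssh_audit() {
  awk '
    function emit() {
      if (name != "") print name, addr, (ssh ? "ssh-allowed" : "ssh-blocked")
    }
    # Start of a new self IP stanza: flush the previous one, reset state.
    $1 == "net" && $2 == "self" { emit(); name = $3; addr = "-"; ssh = 0; inblk = 0; next }
    $1 == "address"             { addr = $2; next }
    # Multi-line form: allow-service { ... }
    $1 == "allow-service" && $2 == "{" { inblk = 1; next }
    # Single-line form: allow-service none | all | default
    $1 == "allow-service"       { ssh = ($2 == "all" || $2 == "default"); next }
    inblk && $1 == "}"          { inblk = 0; next }
    # "default" is treated as permitting SSH, per the fix reported in the thread.
    inblk && ($1 == "default" || $1 == "all" || $1 == "tcp:ssh" || $1 == "tcp:22") { ssh = 1 }
    END { emit() }
  '
}

# Constructed sample input (not captured from a real device).
sample_selfips() {
  cat <<'EOF'
net self ha_self {
    address 10.10.21.2/24
    allow-service {
        default
    }
    vlan ha
}
net self external_self {
    address 10.10.22.2/24
    allow-service none
    vlan external
}
net self mgmt_web_self {
    address 10.10.23.2/24
    allow-service {
        tcp:443
    }
    vlan web
}
EOF
}

# On a BIG-IP: tmsh list net self | selfip_ssh_audit
sample_selfips | selfip_ssh_audit
```

A self IP reported as `ssh-blocked` will refuse the SSH connection that gtm_add makes to it, as in the error above.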