Forum Discussion

Raju_kavad_2973's avatar
Raju_kavad_2973
Icon for Nimbostratus rankNimbostratus
Oct 04, 2017

gtm_add failure

f5 GTM 1600 running on 11.2 version , we are getting below error while perform gtm_add command . kindly advise

 

[xyz:Active:Standalone] ~ gtm_add John@165.222.138.245 WARNING: Running this script will wipe out the current configuration files (bigip_gtm.conf, named.conf and named zone files) on the BIG-IP GTM Controller on which this script is run. The configuration will be replaced with the configuration of the remote BIG-IP GTM Controller in the specified sync group The local BIG-IP GTM MUST already be added in the configuration of the other GTM.

 

Are you absolutely sure you want to do this? [y/n] y

 

==> Running 'bigstart shutdown gtmd' on the local system ==> Running 'bigstart shutdown zrd' on the local system ==> Running 'bigstart shutdown named' on the local system Retrieving remote and installing local BIG-IP's SSL certs ... Enter john password if prompted Password: Syntax Error: "-f" unexpected argument ERROR: Can't read remote cert via /usr/bin/ssh.

 

Restarting gtmd Restarting named[43511425@cgbf-bh26-3002:gtmd DOWN:Standalone] ~

 

  • Good day,

     

    This seems a match for what you are seeing. If not, I believe the workaround (manual exchange) will still work for you.

     

    K13823: The bigip_add script fails to connect to BIG-IP systems running in Appliance mode

     

    https://support.f5.com/csp/article/K13823

     

    Thanks,

     

    Kevin

     

  • Kevin_K_51432's avatar
    Kevin_K_51432
    Historic F5 Account

    Good day,

     

    This seems a match for what you are seeing. If not, I believe the workaround (manual exchange) will still work for you.

     

    K13823: The bigip_add script fails to connect to BIG-IP systems running in Appliance mode

     

    https://support.f5.com/csp/article/K13823

     

    Thanks,

     

    Kevin

     

  • Do you have SSH (TCP/22) open between you GTMs? You need this to exchange certificates

     

  • You may need to log in as root, then use the gtm_add for the certificate exchange to complete.