Running gtm_add on New GTM Fails

Question

I have three GTMS: two old ones running 10.2.3 and one new one running 11.5.3.  I am attempting to add the new one to the synchronization group by running gtm_add against either of the two old ones.  It seems to run for a while and then gives me one error.  This is what I see:&nbsp;
==&gt; Running 'bigstart shutdown gtmd' on the local system&nbsp;
==&gt; Running 'bigstart shutdown zrd' on the local system&nbsp;
==&gt; Running 'bigstart shutdown named' on the local system&nbsp;
    Retrieving remote and installing local BIG-IP's SSL certs ...&nbsp;
Enter root password if prompted&nbsp;
Password:&nbsp;
Rekeying Master Key...&nbsp;
Verifying iQuery connection to 74.205.253.198. This may take up to 30 seconds  &nbsp;
Retrieving remote GTM configuration...  &nbsp;
Syncer failed to retrieve configuration:  &nbsp;
Restarting gtmd&nbsp;
Restarting named&nbsp;
Restarting zrd  &nbsp;
I can't find any information on the syncer error.  I checked the logs and see this error:&nbsp;
May  2 15:34:17 GTM-name err iqsyncer[17338]: 011a005e:3: Error error:00000005:lib(0):func(0):DH lib while attempting to read SSL data.&nbsp;
I can't find any information about this error either.&nbsp;
Each GTM has been added to the others' data centers and servers groups, and they all look green.  Their certificates are current and have unique common names.  I ran big3d_install against the old GTM's so that they all are now running the same version.  I've also confirmed network connectivity by telnetting between the GTM's over ports 22 and 4353.  I think I have covered all my bases, but the gtm_add operation still fails.  Does anyone have any ideas?&nbsp;

youssef1 · Answer

Hello,&nbsp;
Before add new GTM, you have to create The new GTM Object in the the old one.
Then enabling syncronisation.
run the gtm_add script on the new BIG-IP GTM system that you are integrating.
It's very important to follow these steps.
More information don't forget to open 4353 and ssh (ssh just while adding GTM).&nbsp;
Then from your local GTM you can run the bigip_add script from your curent GTM to the new one (if the new one embeded ltm services)...&nbsp;
keep me update if you follow the above procedure to add you new gtm...
Regards,&nbsp;

daniel_epperson · Answer

Can you try upgrading one of the GTMs to a recent 10.2.4 (or later) hotfix, then point gtm_add at that unit? Note that even 10.2.4 goes End of Technical Support this year so best to get them upgraded anyway.

daniel_epperson · Answer

Can you try upgrading one of the GTMs to a recent 10.2.4 (or later) hotfix, then point gtm_add at that unit? Note that even 10.2.4 goes End of Technical Support this year so best to get them upgraded anyway.

jana · Answer

All the GTMs in a sync group should be running the same software version. Please refer to 
https://support.f5.com/kb/en-us/solutions/public/13000/700/sol13734.html&nbsp;

Forum Discussion

Running gtm_add on New GTM Fails

4 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

gtm_add failure

NGINX Unit running in Distributed Cloud vK8s

How to run an FTP server on Kubernetes with F5 BIG-IP

Ansible - Running bash commands with bigip_command module - How it's done

remove ssh after gtm_add/bigip_add/big3d_add ?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS