Sync Config from Production Unit to Development VE

have you tried to modify configuration file directly and then run "tmsh load sys config"? i understand configuration has already been restored but couldn't be loaded (because of the error you got).

Thanks for the suggestion.. No, alas the configuration did not successfully get restored. Apologies, I should have put the following error that I received in the original post:

 

 

/config/bigip_user.conf 01070307:3: Invalid interface 1.4 Unexpected Error: Loading configuration process failed.

 

 

Interface 1.4 is enabled on the HA devices (as the heartbeat interface), but it does not exist on the Development VM.

No, alas the configuration did not successfully get restored.have you checked configuration file e.g. bigip_base.conf, bigip.conf, etc?

Sorry, I just read the errors again (properly this time)... It looks like you are right, the config did get restored. I will try as you suggest and see if I can edit the conf files and attempt another load of the config.

 

 

Thanks for the help

Issue Resolved (I think)

 

**Edit Jan 7 2013** -> Added point 11.

 

 

Just in case anyone else wants to do this, here are the steps I followed (may or may not all be required, but this process worked for me):

 

 

1.) Take the UCS archive file from Prod (source BigIP) and copy to Dev (target BigIP) into the /var/tmp folder

 

2.) Take a backup of the bigip_base.conf and bigip.license (I just used the mv command in the shell and put a “.dev” extension on it - we do this as these are device specific configs)

 

3.) Load the UCS file from Prod (using load /sys ucs /var/tmp/prodbackup.ucs no-platform-check) *the error this throws is expected*

 

4.) Replace the bigip_base.conf and bigip.license with the backups from point 2 (to keep the target base settings and license file)

 

5.) Run bigstart restart command to pick up the old license again

 

6.) Go through the bigip.conf file and make any specific changes to IP addresses for virtual servers etc (ie change the IP's specific to the source device to the corresponding IP's for the target device, including VPN Pool addresses)

 

7.) I also needed to change some VLAN settings in the target bigip_base.conf on the target BigIP (to match those from the source machine)

 

8.) Run tmsh load sys config verify and fix any errors that pop up in the relevant config files (and repeat this step until all resolved.)

 

9.) If there are no issues in the command from point 8, finalise the changes by running the command tmsh load sys config

 

10.) Redo all the SSL certificates (to match the target BigIP host names)

 

11.) If you have SecurID on your devices, you will need to update the Agent Host IP address and update the securid.conf file on the target BigIP

 

 

Point 3 is required to get all the iFiles/custom stuff etc from the source to the correct location on the target system first.

 

 

Like I say, I "think" this is the right process to use. Could probably tidy it up by modifying and re-compressing the files in the UCS first (to avoid changing them later). If anyone has anything else to add to this, please do as I may have missed a few things.

 

 

there is no-license option too. 🙂

root@(B3900-R72-S16)(cfg-sync Standalone)(Active)(/Common)(tmos) load sys ucs config.ucs ?
Options:
  no-license         This option mostly is for RMA use. It loads full configuration from a UCS file except license file.
  no-platform-check  Bypass platform check.
  passphrase         Passphrase for (un)encrypting UCS.

there is no-license option too. 🙂

root@(B3900-R72-S16)(cfg-sync Standalone)(Active)(/Common)(tmos) load sys ucs config.ucs ?
Options:
  no-license         This option mostly is for RMA use. It loads full configuration from a UCS file except license file.
  no-platform-check  Bypass platform check.
  passphrase         Passphrase for (un)encrypting UCS.