12-Sep-2021 04:29
Hi,
I'm very new to BIG5 and would like to ask for your help. I had a power cut, and when the power came back I wasn't able to access the management GUI, but I can ping it. Also, when I tried to ssh, it prompts for user/password but doesn't accept any of the accounts' credentials. The only way I can access it at the moment is via console. The software image I'm using is BIGIP-14.1.2.8-0.0.7.
I tried to restart httpd and tomcat, but it didn't produce any change.
Any ideas?
Thanks
12-Sep-2021 06:34
Hi Nuno_xzorp,
When you connect to your bigip device via console, do you see any errors in the /var/log/httpd/httpd_errors logs?
Please make sure the https service is working on the bigip device.
Have a nice day.
12-Sep-2021 10:30
Hi oguzy,
I checked that but don't see any error.
Meanwhile, I found that the last digit of the mgmt port mac-address is different from the one listed in the switch arp entry. I'm not sure if this has any influence, because I can ping and reach it via ssh.
Thanks
12-Sep-2021 11:09 - last edited on 04-Jun-2023 19:18 by JimmyPackets
Hi Nuno_xzorp,
As you said in your first post, you could not log in via ssh due to wrong credentials. In the second post, the mac address is different in the arp record. Could you please make sure you are trying to connect to the right device? I mean, after the power issue, the bigip may get a new IP address. Please connect via console again and check the IP address of your bigip device. If it is the same IP as the address you are pinging, then check the listening port on your bigip device via the netstat command and share the result with us.
netstat -ano | grep LISTEN | grep 443
12-Sep-2021 12:33
Hi oguzy,
Thank you for the reply.
Yes, the ip address is the same, the result of the command is:
tcp6 0 0 :::443 :::* LISTEN off (0.00/0/0)
thanks for letting me know.
12-Sep-2021 13:26 - last edited on 04-Jun-2023 19:18 by JimmyPackets
Hi Nuno_xzorp,
Ok, the bigip listens on port 443. Could you please try to reach the bigip via telnet from the terminal of your local PC?
telnet bigip_IP 443
If the output of telnet is connected, then we can say we have layer4 connectivity. Also, if you use a proxy in your browser settings, please disable it and try to connect to https://bigip_IP
12-Sep-2021 14:19
Sorry, I think I created a new post below and not a reply. Just to add that port 22 opens, as I said in the first post (ssh), so it looks like for some reason port 443 is not working.
12-Sep-2021 13:56
Hi oguzy, I tried, but it gave me the following message: "Could not open connection to the host, on port 443: Connect failed"
I'm not using any proxy in my browser settings.
I also checked the httpd port:
sys httpd {
ssl-port 443
}
I don't have any firewall in between, and I'm trying from the same subnet.
any clue?
Thanks
12-Sep-2021 14:53 - last edited on 04-Jun-2023 19:18 by JimmyPackets
Hi Nuno_xzorp,
Although both devices are on the same network, and port 443 listens on the bigip, you could not reach it.
Could you please start a tcpdump on the management interface of your bigip device and try to telnet again? I wonder if you see the SYN packet in the tcpdump.
tcpdump -nni name_of_mgmt_interface port 443
13-Sep-2021 06:12
Hi oguzy,
Thanks for the reply. Sorry that I was only able to answer just now. So I did as you suggested for port 443:
1) # tcpdump -nni mgmt port 443
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on mgmt, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
2) I also tried one thing, capturing port 22 while doing an ssh connection, but surprisingly I got nothing (but got the ssh prompt):
# tcpdump -nni mgmt port 22
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on mgmt, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel
what do you think?
13-Sep-2021 11:50
Hi Nuno_xzorp,
Because you successfully connect via ssh, I was expecting that your second tcpdump should capture some packets. That means the name of the interface that you connect to is not mgmt. If you change the tcpdump command like this: tcpdump -nni 0.0 port 22 or port 443, you will see some packets.
I guess you normally access your bigip from a self_ip not from a management port.
13-Sep-2021 14:04
Hi oguzy,
I'm not sure what triggered it, but the mgmt mac-address has changed on the system, and since then it started to work. Before, it was 00:94:a1:0c:20:80, but the arp on the switch was mapping the mgmt ip to 00:94:a1:0c:20:82; even after clearing the arp cache and a few port shutdowns it stayed the same (I mentioned it in my 2nd post). I'm not sure what triggered this, so I'm not sure if this is normal behaviour or if it was some bug. The only thing I did was run those tcpdumps that you suggested, and at some point I started to see the packets. I've captured the following logs from the kernel, with timestamps more or less at the time when it started to work:
Sep 13 21:18:18 F5_STD info kernel: lasthop-ingress-v4: tcp non-syn packet
Sep 13 21:23:46 F5_STD info kernel: device mgmt entered promiscuous mode
Sep 13 21:24:52 F5_STD info kernel: device mgmt left promiscuous mode
If you have any clue about what might have happened, let me know. Many thanks for your help!
13-Sep-2021 14:11
I forgot to add that the mac address changed from 00:94:a1:0c:20:80 to 00:94:a1:0c:20:82 (which was the one that the switch always got from the BIG5), and then it started to work.
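
The mismatch described in this thread (the MAC the mgmt interface reports versus the MAC the switch has cached for the management IP) can be checked mechanically. The script below is an added example, not part of any post in the thread: the management IP 192.0.2.10, the `ip -o link`-style text and the switch ARP table layout are constructed assumptions; only the two MAC addresses come from the thread.

```shell
#!/bin/sh
# Added example: sample text below is constructed, apart from the two MACs
# quoted in the thread. 192.0.2.10 is a placeholder management IP.

# Normalise a MAC (00:94:A1:.., 0094.a10c.2082, 00-94-..) to 12 lowercase hex digits.
norm_mac() {
    m=$(printf '%s' "$1" | tr 'A-F' 'a-f' | tr -d ':.-')
    case "$m" in *[!0-9a-f]*) return 1 ;; esac
    [ "${#m}" -eq 12 ] || return 1
    printf '%s\n' "$m"
}

# MAC from `ip -o link show <if>`-style text: the field after "link/ether".
iface_mac() {
    printf '%s\n' "$1" |
        awk '{for (i = 1; i < NF; i++) if ($i == "link/ether") {print $(i+1); exit}}'
}

# MAC cached for IP $2 in ARP table text $1: on the line holding the IP as a
# whole field, take the first field that is 12 hex digits plus separators.
arp_mac_for_ip() {
    printf '%s\n' "$1" | awk -v ip="$2" '
        { hit = 0; for (i = 1; i <= NF; i++) if ($i == ip) hit = 1
          if (hit) for (i = 1; i <= NF; i++) {
              t = $i; gsub(/[.:-]/, "", t)
              if (length(t) == 12 && t ~ /^[0-9A-Fa-f]+$/ && t != $i) {print $i; exit}
          } }'
}

# $1 = ip link text, $2 = ARP table text, $3 = IP. Returns 0 match, 1 mismatch, 2 unknown.
check_mac_consistency() {
    local_mac=$(norm_mac "$(iface_mac "$1")") || { echo "UNKNOWN: no interface MAC"; return 2; }
    peer_mac=$(norm_mac "$(arp_mac_for_ip "$2" "$3")") || { echo "UNKNOWN: no ARP entry for $3"; return 2; }
    if [ "$local_mac" = "$peer_mac" ]; then
        echo "OK: $3 is at $local_mac on both sides"
    else
        echo "MISMATCH: interface has $local_mac, neighbour cached $peer_mac for $3"
        return 1
    fi
}

# Constructed inputs reproducing the state before the interface MAC changed.
LINK_BEFORE='3: mgmt: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000\    link/ether 00:94:a1:0c:20:80 brd ff:ff:ff:ff:ff:ff'
ARP_TABLE='Protocol  Address      Age (min)  Hardware Addr   Type  Interface
Internet  192.0.2.1         -   0011.2233.4455  ARPA  Vlan10
Internet  192.0.2.10        5   0094.a10c.2082  ARPA  Vlan10'

check_mac_consistency "$LINK_BEFORE" "$ARP_TABLE" 192.0.2.10 || true
```

The two text arguments would come from the console session on the device and from the switch, pasted or captured to variables; the comparison is notation-independent, so colon and dotted formats can be mixed.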