I'm very new in BIG5, I would like to ask your help, I had a power cut and when the power came up, I wasn't able to access the management GUI but I can ping, also when I tried to ssh, it promps for user/password but it doesn't accept none of the accounts credentials, the only way I can access at the moment is via console, the software image I'm using is BIGIP-14.1.2.8-0.0.7
I tried to restart the httpd and tomcat but didn't produce any change.
Meantime I found the mgmt port mac-address last digit is diferent from listed on switch arp entry, not sure if this have influence because I can ping and reach via ssh.
12-Sep-202111:09 - last edited on 04-Jun-202319:18 by JimmyPackets
Hİ Nuno_xzorp,
As you said in your first post, you could not login via ssh due to wrong credentials. In the second post the mac address is different in the arp record. Could you please make sure you try to connect the right device? I mean after power issue, the bigip may get a new IP address. Please connect via console again, and check your IP address of bigip device. If it is the same IP with the address you are pinging, then check your listening port in your bigip device via netstat command and share with us the result.
12-Sep-202113:26 - last edited on 04-Jun-202319:18 by JimmyPackets
Hi Nuno_zorp,
Ok, the bigip listens on port 443. Could you please try to reach from terminal of your local PC to bigip via telnet?
telnet bigip_IP 443
If the output of telnet is connected, then we can say we have layer4 connectivity. Also, if you use proxy in your browser settings, please disable it and try to connect https://bigip_IP
Sorry, think I created below a new post and not a reply, just to add that for port 22 it opens, as I said in the first post (ssh) so it looks like for some reason port 443 is not working
12-Sep-202114:53 - last edited on 04-Jun-202319:18 by JimmyPackets
Hi Nuno_xzorp,
Although both devices are on the same network, and port 443 listens on the bigip, you could not reach.
Could you please start a tcpdump on your management interface of bigip device, and try to telnet again? I wonder if you see the SYN packet on the tcpdump?
Because you successfully connect via ssh, I was expecting that your second tcpdump should capture some packets. That means the name of interface that you connect is not mgmt. If you change tcpdump command like this: tcpdump -nni 0.0 port 22 or port 443 , you will see some packets.
I guess you normally access your bigip from a self_ip not from a management port.
I'm not sure what has triggered it, but the mgmt mac-address have changed on the system, since then it started to worki. So before it was 00:94:a1:0c:20:80, but the arp on the switch was mapping the mgmt ip to 00:94:a1:0c:20:82, even clearing arp cache and few port shudowns it stayed the same (I mentioned it on my 2nd post). Not sure what triggered this, so not sure if this is a normal behaviour or if it was some bug, the only thing I did was doing those TCPDUMPS that you suggested, at somepoint I started see the packets. I've captured the following logs from kernel, timestamps more or less at the time when started to work:
Sep 13 21:18:18 F5_STD info kernel: lasthop-ingress-v4: tcp non-syn packet
Missed to add the mac address changed from 00:94:a1:0c:20:80 to 00:94:a1:0c:20:82 (which was the one that the switch always got from the BIG5), then it started to work
