Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

BigIP ESXi version routing problem. Probably asymmetric routing ?


Happy new year everybody,

Got a problem with BigIP ESXi So far all I did was download the .ova file ,install it via Vmware player ,the free edition, and run 'config' command to set the management ip. As you can see in the images below its on bridge connection using my on board nic. My problem is that although I can ping from the bigip vm to both my host windows,and other vms using same connective in same network, machine and to the outside world, tried for example, while obviously being able to ping back from my host machine I seem unable to connect to the web interface in order to activate product and configure it further. The error I get on browser is 'connection refused'. Tried telnet with putty and still cant connect. Both vm and host are on same subnet /24. Host machine ip is,bigip management ip is and default getaway is Tried setting a static arp route following this, so my command was create net arp myarp ip-address mac-adress '',which mac adress I found from running ipconfig/all on my windows host. Error was that 'neighbor entry cant be resolved'. Last thing I did was restarting Vm after I closed down skype because I recall it causing issues with port 80 and apache when both were running so I thought maybe it interferes with Vms as well. But it didn't fix the problem. Is there something else I can do ? Am I wrong about asymmetric routing ? My end goal is to build a lab with the bigip and a another ubuntu server vm I already built with some docker images inside and test it.

Thanks in advance for your help




If I understand correctly, you are able to ping from the BIG-IP? Can you share the output from the following command?


# curl -v

0691T000005oGDuQAM.png0691T000005oGDzQAM.png0691T000005oGE4QAM.png0691T000005oGE9QAM.pngsorry for the awful format for some reason when i output to a txt file it only captures part of the output

And yes I can ping . The Vm can ping outside my local network.

And what output does the command 'ip r' shows?

I read in other posts that maybe SNAT has to do something but I only downloaded, installed and set up a management address. I found a couple of days ago this post that kinda has the same problem as me but he can at least telnet to it, according to him, but he stopped replying after a while.


Everything seems to be okay. The curl is working and you only have one default route. And like you mentioned SNAT couldn't be an issue, since this is pure management (no TMM).


What output does the command 'tmsh sys service tomcat' shows? Also try reading /var/log/tomcat/catalina.out to see if errors occur? Try restarting tomcat: 'restart sys service tomcat'.



After the restart command it seems like its doing something because it takes some seconds but I dont know whats up with the unexpected argument error. This whole situation doesn't make a lot of sense. Also output with "WARNING" which to be honest I am searching now what it may mean but again it seems weird that something this basic has to go through so much troubleshooting. Could it be my version of windows ? I recall seeing an older,way older I think tho, post with a bug with certain windows versions. Could it be that on the VM network settings it uses my on board nic ? Does it have to use another one or a virtual one ? Is there a possibility that although installed it might still have incompatibility issues with the version of vmware ? In theory there are endless possible problems but as I said I find it extremely unlikely for such a basic setup.




Also no it doesn't seem to work even after restart. It still refuses to connect.

Is the httpd process running on port 443?


# lsof -i -n | grep https

httpd   4578   root  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   11089  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   11452  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   11472  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   11854  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   12345  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   12365  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   16134  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)

httpd   16178  apache  5u IPv6  34593   0t0 TCP *:https (LISTEN)



What happens if you do a curl to the mgmt address?


# curl -k -v


Is the configuration of the BIG-IP fully loaded?


# tmsh show sys mcp-state



Sys::mcpd State:


Running Phase          running

Last Configuration Load Status full-config-load-succeed

End Platform ID Received    true




If not, what part of the configuration gives problems?


# tmsh load sys config verify

Yeah everything is fine. I was using instead of actually writing Sorry for wasting your time. At least I learned how to troubleshoot general connectivity thanks to this question. Again thank you very much.

Good to hear it's working now 🙂