How to modify client-ssl on multiple VS using TMSH
Hi, I was able to get the list of virtual servers using cert1 for example by list and grep. Now, I want to use TMSH to use the CLI in replacing client-ssl cert1 to cert2. If I have like 50 VS, how to do that using modify on TMSH? If I do modify /ltm virtual VSname profile add SSLname context clientside, im getting this error: "vs has more than one clientssl/serverssl profile with same server name" If I do delete, im getting this error: "Syntax Error: "context" is a read-only property" If I do replace-all-with, cert2 is configured but wipes all other profiles and i don't want to put alot of config to reconfigure all profiles in a VS. Is there a 1 line command I can do? TIASupported way to use MFA to BIG-IP GUI and shell
I have read on DevCentral various mechanisms to implement 2FA (MFA) using APM and even some packages to change the PAM and implement this on the SSH shell. Are there any supported mechanisms to protect the BIG-IP Web interface via multi-factor? Even if one had the APM, can it be turned around to control the BIG-IP GUI itself? Also, what about SSH access? I am curious if others have solved this issue. It is surprising to me that at least the GUI does not have a native MFA solution to basic administration. Thanks, Tom
How to set different Priority Groups while adding nodes to pool with TMSH?
Version 11.4.1 and 11.5.0. I want to use a single TMSH command to create a pool and add 2 nodes each with a different Priority Group. Is this even possible? I am trying this in tmsh ltm: create pool pool_psc_p1_2_443 members add { view-p1-psc3:443 } priority-group 10 add { view-p1-psc4:443 } priority-group 1 monitor vmware_psc_monitor_TCP load-balancing-mode round-robin ...but I get this error: Syntax Error: "priority-group" unknown property I think I will have to first create the pool, then go back and modify it. I find the BigIP command line and TMSH difficult enough already, so I am inclined not to keep fiddling with it to try to make this work. The TMSH guide for 11.4.1 is rather useless for me here because the examples "delete pool my_pool" and "list pool my_pool" are a slightly a bit too overly simple.