gtm_add
3 Topicsgtm_add fails on SSH conneciton
BIG-IP running 11.5.1 HF8 When creating a GTM failover pair the process falls down when I run the gtm_add on the secondary unit. ssh: connect to host 10.10.22.2 port 22: Connection refused ERROR: Can't read remote cert via /usr/bin/ssh. The Big-IPs have three interfaces; Management, HA and External I want to setup the GTM pairing between the External interfaces as this is also the interface that will be used for the connection between the datacentres. I can ping the IP address. I can SSH to the other two interfaces. SSH is allowed and all IP addressing is allowed. But when I try to SSH from one to the other on the External interface the connection is refused. sys sshd { allow { ALL } banner disabled banner-text none description none inactivity-timeout 0 include none log-level info login enabled } The only hardware between the two devices is the a switch stack.549Views0likes4CommentsGTM Sync and a Sync-Failover Group
I have two data centers, and each of them have two BIG-IP devices. In data center A, they are in a active/standby group running AFM. In data center B, those two are also in an active/standby group running AFM as well. These devices are in-line from the Internet to the data center at both data centers. I am also going turn on GTM on each cluster in both data centers. My question is around syncing GTM information, but not syncing AFM policies. As expected, each data center has AFM policies that are specific to that data center. So, if I do gtm_add and join the GTMs to a GTM-sync-group, will the two separate clusters keep their data center specific AFM policies? I basically need to keep the two clusters separate from each other, but still allow GTM to remain in sync. Will this work as I expect it to? I just don't want to inadvertently overwrite data center A's AFM policies with data center B's. That would be bad. Thanks!267Views0likes1Comment