For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

management

5675 Topics

How can I get started with iCall
Hi all . Recently, I want to learn how to use iCall to do some automated operations work, but I haven't seen any comprehensive tutorials about iCall on askf5. Are there any good articles I can refer to for learning? Do I need to systematically learn Tcl first? I still have a question about iCall. What is the difference between using iCall and using shell scripts with scheduled tasks to achieve automated management and configuration of F5? Best Regards
ecolauce
Dec 14, 2025 Place Technical Forum
4Views
0likes
0Comments
High availability Blade
Hello everyone, I would like to know if is possible to configuire high availability on two Blade BX110. At the moment I have only one blade where there are all Tenants and, the capacity of using it, is 85% . The customer want to buy another Blade but, it wants that for every Velos, te two blades build a unique partition. Is it possible to do it by considering that in one blade there are all Tenants in a production environment ? Which type of impact there will be ? To sum up could i configure both blade in high availability with no run the risk to block the services of the Tenants ? I have read that is possible to make a setup of the blades but is not mentioned that this activity could provide, if on the one are presents Tenants, to reset the configuration. Many thanks in advanced for your help. Awaiting your news,
unavailable
Dec 12, 2025 Place Technical Forum
46Views
0likes
1Comment
ACME DNS RFC-2136 Let's Encrypt certs
I've been pushing on certbot to handle CNAME entries when ordering certs, and finally given up. https://github.com/certbot/certbot/issues/6787 https://github.com/certbot/certbot/pull/9970 https://github.com/certbot/certbot/pull/7244 This repo contains scripts that: Create an ACME account with Let's Encrypt use TSIG credentials to talk to bind (RFC-2136) create TXT record in correct zone by following CNAME and SOA entries if present downloads certs installs certs on one or more F5s. The F5 credentials requires Administrator rights as Certificate Manager can't upload files. https://github.com/timriker/certmgr CNAME records are recommended to a zone with minimal or no replication and a low TTL. ie: _acme-challenge.example.com CNAME example.com._tls.example.com _acme-challenge.example.net CNAME example.net._tls.example.com _tls.example.com would have one name server and 30 second TTL or so a TSIG key would be created that only needs update access to _tls.example.com Comments welcome. JRahm I'm looking at you. 😎 More info: https://letsencrypt.org/docs/challenge-types/
TimRiker
Dec 09, 2025 Place Technical Forum
76Views
3likes
1Comment
UCS Encryption Question
Good day! In order to run a platform migration with a UCS restore from a FIPS licensed platform (physical to virtual), you need to make some modifications to the UCS file. This requires decryption of the file using article https://my.f5.com/manage/s/article/K58543794 to facilitate extraction and modification of the .conf files. My questions are twofold: (1) On a FIPS licensed platform, do you have to re-encrypt the file in order to load it? I know you can't run a backup unless a passphrase is specified. (2) What is the string to re-encrypt the file? I've tried the following command to no avail: gpg --symmetric --cipher-algo AES128 --output /var/local/ucs/backup-encrypted.ucs /var/local/ucs/backup-decrypted.ucs I'm clearly missing something here. I constructed the command from the guidance found within https://my.f5.com/manage/s/article/K5437 and when performing the restore, I'm getting an "Unexpected Error: UCS loading process failed." error. If anyone can assist, I'd greatly appreciate it. If an encrypted UCS is NOT required to restore a FIPS licensed platform, then that's all good as well! Have a great day!
Solved
Cory_O
Dec 05, 2025 Place Technical Forum
46Views
0likes
2Comments
BIG-IP device fails to install node-inspector
Hi all, when I followed the steps in 'Steps to Setup Node-Inspector on BIG-IP' and executed the following command, an error occurred. command: [root@bigip1:Active:Standalone] ~ # npm install -g node-inspector@0.12.8 errors: npm ERR! Linux 3.10.0-862.14.4.el7.ve.x86_64 npm ERR! argv "/usr/bin/node" "/usr/bin/.npm__" "install" "-g" "node-inspector@0.12.8" npm ERR! node v6.9.1 npm ERR! npm v3.10.8 npm ERR! path /usr/lib/node_modules npm ERR! code EROFS npm ERR! errno -30 npm ERR! syscall access npm ERR! rofs EROFS: read-only file system, access '/usr/lib/node_modules' npm ERR! rofs This is most likely not a problem with npm itself npm ERR! rofs and is related to the file system being read-only. npm ERR! rofs npm ERR! rofs Often virtualized file systems, or other file systems npm ERR! rofs that don't support symlinks, give this error. npm ERR! Please include the following file with any support request: npm ERR! /root/npm-debug.log logs: [root@bigip1:Active:Standalone] ~ # tail -30 /root/npm-debug.log 7616 silly idealTree | `-- lodash@3.10.1 7616 silly idealTree +-- xmldom@0.1.31 7616 silly idealTree +-- xtend@4.0.2 7616 silly idealTree +-- y18n@3.2.2 7616 silly idealTree `-- yargs@3.32.0 7617 silly generateActionsToTake Starting 7618 silly install generateActionsToTake 7619 warn checkPermissions Missing write access to /usr/lib/node_modules 7620 silly rollbackFailedOptional Starting 7621 silly rollbackFailedOptional Finishing 7622 silly runTopLevelLifecycles Finishing 7623 silly install printInstalled 7624 verbose stack Error: EROFS: read-only file system, access '/usr/lib/node_modules' 7624 verbose stack at Error (native) 7625 verbose cwd /root 7626 error Linux 3.10.0-862.14.4.el7.ve.x86_64 7627 error argv "/usr/bin/node" "/usr/bin/.npm__" "install" "-g" "node-inspector@0.12.8" 7628 error node v6.9.1 7629 error npm v3.10.8 7630 error path /usr/lib/node_modules 7631 error code EROFS 7632 error errno -30 7633 error syscall access 7634 error rofs EROFS: read-only file system, access '/usr/lib/node_modules' 7635 error rofs This is most likely not a problem with npm itself 7635 error rofs and is related to the file system being read-only. 7635 error rofs 7635 error rofs Often virtualized file systems, or other file systems 7635 error rofs that don't support symlinks, give this error. 7636 verbose exit [ -30, true ] This seems like a directory access permission issue, but I can't change the read/write permissions on the F5 device. How should this be resolved? f5-appsvcs-extension/contributing/node_inspector_profiling_as3.md at v3.54.2 · F5Networks/f5-appsvcs-extension
Solved
ecolauce
Dec 03, 2025 Place Technical Forum
90Views
0likes
4Comments
How I did it - "F5 BIG-IP Observability with Dynatrace and F5 Telemetry Streaming"
Welcome back to another edition of “How I Did It.” It’s been a while since we looked at observability… Oh wait, I just said that. Anyway, in this post I’ll walk through how I integrated F5 Telemetry Streaming with Dynatrace. To show the results, I’ve included sample dashboards that highlight how the ingested telemetry data can be visualized effectively. Let’s dive in before I repeat myself again.
Greg_Coward
Dec 02, 2025 Place Technical Articles
130Views
2likes
0Comments
Illegal Request in Learning Suggestion for 200 OK response
Dears, I want to know the reason why this suggestion is showing an illegal request status even though response code is 200 OK. Is it because multiple violations triggered? The policy is in transparent mode and I am just verifying the suggestions. Can someone please provide an expert advise?
SRM
Dec 01, 2025 Place Technical Forum
85Views
0likes
5Comments
/mgmt/toc - not possible to launch rest api rest browser
Hi, could you help please on how to kick off the api rest browser? attaching below the internals Thank in advance after providing my admin credentials, the follwoing response is returned { "code": 400, "message": "URI path /mgmt/logmein.html not registered. Please verify URI is supported and wait for /available suffix to be responsive.", "referer": "https://1.2.3.4/mgmt/toc", "restOperationId": 13525870, "kind": ":resterrorresponse" } Platform ID Z101 Platform Name BIG-IP Tenant Software Version BIG-IP v17.1.3 (Build 0.20.11) Bundle, r5600
AndrzejJez
Dec 01, 2025 Place Technical Forum
117Views
0likes
6Comments
Error post F5 upgrade
We're in middle of F5 upgrade. This is the first time I am doing the upgrade. We followed all the steps. Device came back after the reboot, but when I am logging into the device, it is giving me error as 'The configuration has not yet loaded. If this message persists, it may indicate a configuration problem'. On the other line, I am trying to reach TAC. During checking F5 articles, I came across this community so registered here to ask the question. Is anyone can help me with this pls?
Solved
raj_raut
Nov 26, 2025 Place Technical Forum
97Views
0likes
5Comments
Extend capacity of the blade on Velos
Hello everyone, for a customer I need to buy another blade for Velos system that permit to extend the capacity of the disk, at the moment i have cofigured a single blade that is it used at 85%, the target is to buy another one, for having a logical drive that is thwe sum of both hard drive. Is it possible to do it ? I have read documentations about it but, i have not found the correct information, in addition you have to say that now, in the first balde there are 9 Tenants who are working in a production environment, so that, the goal is activities, for add the new blade, should not have impacts on the production. Many thanks , in advanced, everyone. Awaiting news,
unavailable
Nov 24, 2025 Place Technical Forum
68Views
0likes
3Comments