Dev Setup Help
Hi, I'm looking for advice on setting up an F5 client to help debug a javascript error on a VPN client. I don't have V-Sphere, but I was able to convert the .OVA BIG-IP Next Central Manger to a .vhdx and run on Hyper-V manager. I'm able to log into the VM and run the setup. I used all the default and the IP address on the VM for the hostname. This allows me to login to the UI and start the bootstrap process which fails and additional attempts return 500 error from the server. Is this something that I should be able to get working? Where can I view the server logs? Any recommendations would be appreciated. Best regards, JonathanSolved21Views0likes1CommentDescription of HTTP caching profile statistics
Hi F5'ers, within bpsh: profile http my-optimized-caching ramcache entry all show Host: 10.80.0.1 URI: / | 1 hits Size: 364 Rank: 1 Source: 0/0 Owner: 0/3 | Received: 2012-03-13 03:55:57 Last sent: 2012-03-13 04:02:41 | Expires: 2012-03-14 14:14:22 Vary: accept encoding Vary count: 1 | Vary user agent: none Vary encoding: none what do "Vary", "Vary count", "Vary user agent" and "Vary encoding" show? R's, Alex213Views0likes1Comment"Configuration problem" when setting up a trial LTM VM
I have downloaded the 90 day trial version of LTM VE and am having trouble configuring it. I have installed it on an ESXi server and run 'config' to set up a static IP address for the management interface. However this is not persistent - if I reboot the VM the IP address gets forgotten and I have to re-enter it. Next I managed to log into the UI and install the trial license. However the UI then displays this message when logging in: This BIG-IP system has encountered a configuration problem that may prevent the Configuration utility from functioning properly. To prevent adverse effects on the system, F5 Networks recommends that you restrict your use of the Configuration utility to critical tasks only until the problem is resolved. Beware that attempting to modify your configuration in this state with the Configuration utility may cause your configuration to be overwritten. and when I have logged in I get this across the top of the page: The configuration has not yet loaded. If this message persists, it may indicate a configuration problem. and most UI options just show the message "An error has occurred while trying to process your request." So what have I done wrong, and how do I fix it? Edit: Config files requested by emi: /config/bigip.conf: [root@localhost:Offline:Standalone] config cat /config/bigip.conf apm resource remote-desktop citrix-client-bundle /Common/default-citrix-client-bundle { } apm sso saml-sp-connector /Common/saml_office365 { assertion-consumer-uri https://login.microsoftonline.com/login.srf description "Predefined SP connector object for Office 365" entity-id urn:federation:MicrosoftOnline } ltm default-node-monitor { rule none } ltm classification signature-version { version-number 0 } net ipsec ike-daemon /Common/ikedaemon { } wom endpoint-discovery { } /config/bigip_base.conf: [root@localhost:Offline:Standalone] config cat /config/bigip_base.conf cm cert /Common/dtca-bundle.crt { cache-path /config/filestore/files_d/Common_d/trust_certificate_d/:Common:dtca-bundle.crt_26609_1 checksum SHA1:1220:e4fe95d5e7d778cfa0b5fae3aae90196e97e2ccd revision 1 } cm cert /Common/dtca.crt { cache-path /config/filestore/files_d/Common_d/trust_certificate_d/:Common:dtca.crt_26603_1 checksum SHA1:1220:e4fe95d5e7d778cfa0b5fae3aae90196e97e2ccd revision 1 } cm cert /Common/dtdi.crt { cache-path /config/filestore/files_d/Common_d/trust_certificate_d/:Common:dtdi.crt_26612_1 checksum SHA1:1172:75c02118a7daba3e3b84b6d4414063953b92ed1b revision 1 } cm device /Common/bigip1 { base-mac 0:50:56:96:4d:6c build 39.0 cert /Common/dtdi.crt chassis-id 4216b78b-1ce8-729f-88f19ffa5a46 edition "VE Trial 11.3.0-HF1 (based on BIGIP 11.3.0HF6)" hostname bigip1 key /Common/dtdi.key management-ip 192.168.1.245 marketing-name "BIG-IP Virtual Edition" platform-id Z99 product BIG-IP self-device true time-zone PDT version 11.3.0 } cm device-group /Common/device_trust_group { auto-sync enabled devices { /Common/bigip1 { } } hidden true network-failover disabled } cm device-group /Common/gtm { devices { /Common/bigip1 { } } hidden true network-failover disabled } cm key /Common/dtca.key { cache-path /config/filestore/files_d/Common_d/trust_certificate_key_d/:Common:dtca.key_26606_1 checksum SHA1:1675:e5fe1aeae877dceabf0788f00716d9a20fcfb6e2 revision 1 } cm key /Common/dtdi.key { cache-path /config/filestore/files_d/Common_d/trust_certificate_key_d/:Common:dtdi.key_26615_1 checksum SHA1:1679:2ed0adc0939945269c13060d99da4d2916558f6d revision 1 } cm traffic-group /Common/traffic-group-1 { unit-id 1 } cm traffic-group /Common/traffic-group-local-only { } cm trust-domain /Common/Root { ca-cert /Common/dtca.crt ca-cert-bundle /Common/dtca-bundle.crt ca-devices { /Common/bigip1 } ca-key /Common/dtca.key status standalone trust-group /Common/device_trust_group } net interface 1.1 { media-fixed 10000T-FD } net interface 1.2 { media-fixed 10000T-FD } net interface 1.3 { media-fixed 10000T-FD } net route-domain /Common/0 { description "Default Route Domain" id 0 } net self-allow { defaults { ospf:any tcp:161 tcp:22 tcp:4353 tcp:443 tcp:53 udp:1026 udp:161 udp:4353 udp:520 udp:53 } } net stp /Common/cist { } security firewall port-list /Common/_sys_self_allow_tcp_defaults { ports { 22 { } 53 { } 161 { } 443 { } 1028 { } 4353 { } } } security firewall port-list /Common/_sys_self_allow_udp_defaults { ports { 53 { } 161 { } 520 { } 1026 { } 4353 { } } } security firewall rule-list /Common/_sys_self_allow_all { rules { _sys_allow_all { action accept } } } security firewall rule-list /Common/_sys_self_allow_defaults { rules { _sys_allow_tcp_defaults { action accept destination { port-lists { /Common/_sys_self_allow_tcp_defaults } } ip-protocol tcp } _sys_allow_udp_defaults { action accept destination { port-lists { /Common/_sys_self_allow_udp_defaults } ip-protocol ospf } } } security firewall rule-list /Common/_sys_self_allow_management { rules { _sys_allow_ssh { action accept destination { ports { 22 { } } } ip-protocol tcp } _sys_allow_web { action accept destination { ports { 443 { } } } ip-protocol tcp } } } sys feature-module cgnat { disabled } sys folder / { device-group none inherited-devicegroup false inherited-traffic-group false traffic-group /Common/traffic-group-1 } sys folder /Common { device-group none inherited-devicegroup true inherited-traffic-group true traffic-group /Common/traffic-group-1 } sys management-dhcp /Common/sys-mgmt-dhcp-config { request-options { subnet-mask broadcast-address routers domain-name domain-name-servers host-name ntp-servers } } sys management-ip 192.168.1.245/24 { dhcp-enabled true } sys provision afm { } sys provision apm { } sys provision asm { } sys provision avr { } sys provision gtm { } sys provision lc { } sys provision ltm { level nominal } sys provision pem { } sys provision psm { } sys provision wam { } sys provision wom { } sys provision woml { }Solved1.9KViews0likes13CommentsHow many times to reboot for install software?
Hi How many times to reboot for install software images? From this information ------------------------------------------------------- Sys::Software Status Volume Product Version Build Active Status -------------------------------------------------------- HD1.1 BIG-IP 10.2.1 511.0 yes complete HD1.2 BIG-IP 10.2.1 511.0 no complete HD1.3 none none none no complete I want to upgrade into 10.2.4 HF5 on HD1.2 volume (or must both volume??) First I install 10.2.4 Final into HD1.2 and reboot into HD1.2 , and then reboot again into HD1.1 to install 10.2.4 HF5 into HD1.2 and reboot into HD1.2 to use 10.2.4 , Am I correct? (Reboot 3 times) Do you have better solutions ? like install 10.2.4 and install HF5 respectively and then reboot only once times. (Reboot 1 times) Another questions is what impact if I backup ucs from 11.2.1 HF1 and restore in 11.2.1 HF2 ? thank you380Views0likes6Commentsb interface show: unpopulated vs down ?
Hi there. I couldn't find this in the Big-IP System and Network Management nor the Ask F5. Hoping someone here can help me When I type in a "b interface show" I get the below: [root@secondary:Standby] config b interface show interface speed pkts pkts pkts pkts bits bits errors trunk Mb/s in out drop coll in out mgmt DN 100 FD 0 0 0 0 0 0 0 1.1 UP 1000 FD 454.9M 490.7M 13650 0 596.0G 469.3G 0 1.2 UP 1000 FD 256.5M 249.9M 2.384M 0 293.2G 158.2G 0 1.3 UP 100 FD 32.19M 4.161M 2.894M 0 26.84G 25.79G 0 1.4 DN 1000 FD 0 0 0 0 0 0 0 2.1 MS 1000 FD 0 0 0 0 0 0 0 2.2 MS 1000 FD 0 0 0 0 0 0 0 What is the "DN" vs the "MS" ? When I look on the gui, it says 1.4 is "DOWN" and 2.1 and 2.2 are "UNPOPULATED"? The longer version is that we are adding another VLAN to our network and my manager asked me if we had any free interfaces to do so. Physically there are no cables plugged in to 1.4, 2.1, and 2.2. I'm guessing we can use 1.4. I was just curious what those statuses meant. Can someone explain what that column means? Thanks, Ben956Views0likes1CommentWebException in GetResponse
Please excuse and redirect me if I'm posting in the wrong area but I'm hoping someone here at F5 can be some help. I have a web application which uses a class library I created which, among other things, reads an XML file on the web host (an IIS 6 server/cluster). When I run the app locally in VS2010 or on my testing platform, also an IIS 6 server, it works fine. When I publish to my BIG-IP load-balanced 2 server Veritas Cluster, the code executes fine as long as I use each nodes' name but if I use the cluster's friendly name I get the following exception: The underlying connection was closed: An unexpected error occurred on a receive. at System.Net.HttpWebRequest.GetResponse() at System.Xml.XmlDownloadManager.GetNonFileStream(Uri uri, ICredentials credentials) at System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn) at System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver) at System.Threading.CompressedStack.runTryCode(Object userData) at System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData) at System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state) at System.Xml.XmlTextReaderImpl.OpenUrl() at System.Xml.XmlTextReaderImpl.Read() at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace) at System.Xml.XmlDocument.Load(XmlReader reader) at System.Xml.XmlDocument.Load(String filename) at Symantec.DataFactories.AdomdClientDataFactory.GetStoredProcedure() There is more to the stack but that's the gyst of it. I had previously gone at the file more directly with HttpWebRequest.GetResponse() and switched to using XmlDocument.Load() in the hopes that I'd been doing something wrong. No joy. The server is running DotNET 3.5 so the abundance of articles directing me to a fix for 1.0 aren't useful. I did attempt to fix it by setting the HttpWebRequest's KeepAlive to false. Again, no joy. I'm guessing that either we have something mis-configured on the servers or I need to modify my code to better deal with the load balancing. Here's the code I'm trying to run: // Request and read the file. try { // Read and cache the file XmlDocument xmlFile = new XmlDocument(); xmlFile.Load(AbsoluteUrlUsingAuthority); string fileContents = xmlFile.InnerXml; HttpContext.Current.Cache.Insert(cacheKey, fileContents, null, Cache.NoAbsoluteExpiration, new TimeSpan(0, CacheSlidingExpirationMinutes, 0)); } catch { // Fall back to using WebResponse methodology for debugging try { // Ask the web server for the file HttpWebRequest request = (HttpWebRequest)WebRequest.Create(AbsoluteUrlUsingAuthority); request.KeepAlive = false; using (WebResponse response = request.GetResponse()) using (TextReader reader = new StreamReader( response.GetResponseStream(), Encoding.GetEncoding("utf-8"))) { // Read the contents of the file. string file = reader.ReadToEnd(); // Close the stream. reader.Close(); // Add the file to the cache, sliding expiration. HttpContext.Current.Cache.Insert(cacheKey, file, null, Cache.NoAbsoluteExpiration, new TimeSpan(0, CacheSlidingExpirationMinutes, 0)); } } catch (WebException webException) { if (webException.Status == WebExceptionStatus.NameResolutionFailure) throw new Exception("Bad domain name", webException); if (webException.Status == WebExceptionStatus.ProtocolError) { HttpWebResponse response = (HttpWebResponse)webException.Response; if (response.StatusCode == HttpStatusCode.NotFound) { throw new Exception( string.Format("Requested file, {0}.xml, not found. {1}", _command.CommandText, response), webException); } if (response.StatusCode == HttpStatusCode.Forbidden) { throw new Exception( string.Format("403 (Access denied) error accessing {0}. {1}", AbsoluteUrlUsingAuthority, response), webException); } if (response.StatusCode == HttpStatusCode.Unauthorized) { throw new Exception( string.Format("401 (Authentication required) error accessing {0}. {1}", AbsoluteUrlUsingAuthority, response), webException); } } throw; } } I've been pulling my hair out on this for weeks now so any guidance on debugging and/or troubleshooting from a coder's perspective, considering I have to work through a (human) proxy to take any actions on the server would be appreciated.507Views0likes0CommentsPlaying a flv video through Firepass
Hello ! In our company, our internal website often shows videos, interviews. I can't make it work when I access the website through Firepass. Here's the code I'm using : <script type="text/javascript"> script><br><br><div id="myplayer">div> It gets translated by Firepass to : <script type="text/javascript"> script><script>try{F5_flush(document);}catch(e){}script><br><br><div id="myplayer">div> The flvplayer is loaded but the video won't show. I don't know why the addVariable remains and is not translated to a F5_Invoke_addVariable ( I don't know if that exists) Any help ? TIA !183Views0likes0CommentsHow can code share external monitor scripts be used?
I work for a vendor that distributes F5 LTMs as part of a system (software and hardware). I need to solve a specific problem with the built in health monitors and so have taken an (EAV) external monitor script from the advanced design & config code share examples. I've got the problem solved using the script I have written (derived from one I took from the code share page), but the license stated in all these "code share" sample EAV scripts give me pause as to whether I can simply now distribute my derived script with our system. You can see an example of the license if you look at one of the sample EAV scripts. A snippet of the license that gives me pause for example: ...It is against the law to copy the software. No part of the software may be reproduced, transmitted, or distributed in any form or by any means, electronic or mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose without the express written permission of F5 Networks, Inc. ... Can anyone point me to a "plain text" description that might explain to me in plain text and hopefully show me my misinterpretation and tell I'm allowed to use and distribute my derived EAV script? Or will I actually need to get involved with F5 lawyers/business-people to give me legal permission from F5 to use the script? (it seems odd to have these scripts on the "code share" page with licenses that imply the scripts can't be used). I have searched, but the term "license" overwhelmingly returns topics on F5 system licenses rather than the "legal license" meaning I need. Thanks for your help!305Views0likes2Comments