DEVICE-0202 Error while adding rSeries as a provider in CM
Hi all, we just got out rSeries Hardware and I am now trying to add it as a provider to out Central Manager instance. Unfortunately I am always getting the following error Code when trying to connect it to CM. DEVICE-0202: BIG-IP Next instance internal server error: Certificate validation failed with error: provider 1234-app123-zz.net.world.aa:8888: DEVICE-0202: BIG-IP Next instance internal server error: SSL certificate is unusable: BIG-IP Next 1234-app123-zz.net.world.aa has an unknown or unusable device certificate; explicit trust is not possible. Error: EOF. . For creating the Device Cert on the rSeries Platform I used to following KB-Article which is for the DEVICE00060 Error: https://my.f5.com/manage/s/article/K000139300 - I issued a self signed certifcate with DNS and IP as SAN Since the error didn't change I tried adding a few other things: - Adding the self signed cert to CentralManager via Applications>Certificates & Keys>import - Creating a crt signed by out Internal CA (no IP in SAN cause the CA doesn't allow that), applying it on the rSeries and uploading the chain to cm - Testing if the rSeries really uses the applied certs on port 8888 each time with openssl s_client connect which it always does But all that didn't change the error message at all. Any ideas? Thank you in advance
Issue while migrating config from 4000s to r4600
Hi All, we are trying to migrate config from 4000s to r4600. We have created UCS on 4000s but while loading it on a tenant on r4600, we got an error saying ""load sys partition all platform migrate " - failed -- 010713d0:3: Symmetric Unit key decrypt failure - decrypt failure, configuration loading error: high-config-load-failed". Before loading the UCS from 4000s device to tenant, we copied the master key to the new tenant and verified it as well. The command used to load the UCS : load sys ucs <file name> no-license platform-migrate Didn't see any other error logs in /var/log/ltm. Could someone suggest how to resolve this issue ? Please note we are using a CA device certificate and not self signed certificate for the device. Also the management IP, trunk name and number of trunk ports in the UCS are different from those on the tenant.
Sizing for HW and SW based
I am looking for a data for dimensioning for r5800 / 6000 etc where I am deploying DNS+PEM+AFM+URL Filtering + some iRules on ONE rSeries The same witch I am looking for is for VE deployment Where I can find data about such figures I can only find for DNS QPS, but for the rest of the modules can't Are there any exact numbers? How can I combine and calculate this module and see if feet into rSeries and VE HP??
Problems with F5 Rseries and LDAPs for remote authentication
Good afternoon I'm having some problems getting remote authentication to work on my Rseries computer over LDAPS, when debugging I get the following error: Can't contact LDAP server: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (unable to get local issuer certificate) I have followed several guides and consulted different articles, but I can't find any of them which fields are mandatory and which aren't. My question is regarding the fields: Cipher String, TLS CA Certificate and TLS Key. Is it mandatory to fill in these fields? What happens if they are left empty? Best RegardsCheck optic information and data
Hi All, One of our customers has two r4600 appliances and on those appliances is a BIP-IP tenant configured. The two BIG-IP tenants are configured in a Device Group (Sync and Fail-Over). Both appliances are in different data centers so customer is using a MRV solution to create connectivity between the data centers. This solution has been there for many years and is working fine when connecting their infrastructure. Now we want to use the MRV solution to connect both r4600 appliances for config sync and network fail-over. We have F5 SFP's in the r4600 appliances but when we connect them (on both sides) to the MRV hardware, there is no link. When we connect the r4600 appliance to a switch, we have link and the interface is UP. Customer checked the MRV setup and the fiber path between the data centers and they seem to be OK. No other issues are reported with the link between the data centers. As a work-around, we have configured ethernet ports to connect both r4600 appliance for sync and network fail-over and those ports are connected to access ports on a switch. But customer prefers to use the 10Gbe interfaces connected to the MRV solution. How can we troubleshoot this on the F5 side? Are there commands to get optic data on a very low level to see what is going on? Any tips and tricks are welcome. Regards, MartijnF5 Distributed Cloud Customer Edge on F5 rSeries – Reference Architecture
Traditionally, to advertise an application to the internet or to connect applications across multi-cloud environments enterprises must configure and manage multiple networking and security devices from different vendors in the DMZ of the data center. CE on F5 rSeries is a single vendor, converged solution for all enterprise multi-cloud application connectivity and security needs.
R-Series Appliance No GUI ( host system gui ) after 1.7.0 upgrade
After running the 1.7.0 upgrade for the r-series 5000 appliance - the login screen does not display in a browsers. Admin and Root passwords are as they were before upgrade. mgmt-ip settings are the same. Device can ping it's upstream router in the mgmt-ip network. the device mgmt-ip address does not reply to ping ( or any request [ ssh, http...]) from the console I can see the whole running config - it is the same as before the upgrade Any help is appreciated, Dave Mehlberg
BIG-IP rseries license
Hi community, I plan to buy 2 new R4600 to replace the current 4000s(c113) ASM licensed. F5 have changed they lincesning model and I am a bit confiused about what exactly I need to purchase. On the new device I need the following features: Basic LTM (VS with 2,3 backend servers) iRules L7 attack protection IPS Can you pelase suggest what license modules cover the above items? I can not go for Best bundle becouse of too high price. Thanks!
F5 2600 rseries Tenant reprovisioning
Dears, I configured one tenant on my F5 2600 rseries and in the tenant setting I configured it to use 4 CPU and chose the recommended option so the tenant takes 12288 memory,this is the minimum so is that applicable to allocate another memory after I configured it and it now running
