F5 Management Setup: Configuration Guide

Setting UP F5 System Management - Part 1

In continuation of the previous blog "Setting UP F5 System Management Part 1", this is the part 2 of the blog. When you login to the device first time, the device is not licensed, and you can run setup utility for licensing and configuring internal and external networks for basic connectivity. Click Next to continue.

Before moving further, you can obtain the trail licenses (for 30 days) for BIGIP systems as follows (these links or display keep changing but the procedure remain same)

1. Go to https://www.f5.com/trials/big-ip-virtual-edition

2. Register yourself on this account or Login if already registered.

3. Fill this form and after couple of hours, you will receive the registration keys on your registered email ID.

Once you click on Request license Key, it shows a message that you will receive the keys on your email within 30 minutes.

You can open your email on workstation in which you will receive registration keys. It will help you to copy/paste the leys in F5 and make the licensing process easier. These trial keys include both BIG IP LTM and ASM modules.

Now again come back to BIGIP-SYSTEM and run setup utility by click on Next.

This brings you to license tab here you click on Activate to proceed for activating the license.

On this window you have to provide the registration key which you have received from F5 on your registered email. Open you email on the same workstation to get the keys and enter them here under “Base Registration Key.”

Put the key in the base registration key box. There are two methods of activating license Automatic and Manual. Automatic is used when your F5 device is directly connected to the internet. In our case BIGIP-SYSTEM device is not directly connected to internet. Its management interface is accessible by workstation and workstation has the internet connectivity.

Therefore, in our case we are using Manual method for licensing, select manual method and click on Next.

In the next window, you need to select and copy the dossier.

Now open the F5 licensing server (https://activate.f5.com/license/dossier.jsp) on another tab to obtain the license.

Inside the box “Enter Your Dossier” paste your dossier which you copied from BIGIP-SYSTEM device and click Next

Tick on terms and conditions and click Next.

Here is you license file, you can either download it or copy it from here. In our case we select all inside the box and copy it from here.

Now paste the copied license file in license box on BIGIP-SYSTEM and click Next.

It will take couple of minutes for licensing to take effect on the device.

Once configuration changes are verified and click continue

Now provisioning window will appear here if you see LTM and ASM modules has been licensed, in provisioning change it to nominal and keep all values as default. Scroll down and click Next.

Note: You can change your workstation screen resolution to 1280x720 for better visibility.

It starts rebooting the device and takes up to 5 minutes to come up. This brings the device certificate page where it shows all certificate related information and click Next.

It brings the platform page where you can change the management IP address, default route, hostname, time zone, password of CLI and GUI, and SSH access. In our case we are keeping the same password for root and admin, these are the mandatory fields, and all other values remain the same as before.

Root password: default Admin password: admin

Click Next to continue.

It will log you out and ask you to login again because password values are being provided. Click OK

Login to BIGIP-SYSTEM again using the GUI credential provided above. In our case admin/admin

Go to the Network section and for configuring standard Network configuration click Next.

Untick the config sync and High Availability option as we are not going to use these features in this lab, we only require basic LTM functionality to be used for BIGIQ. Click Next

Next section is to configure the VLANs and self IP addresses internal network configuration, configure here as per given in the task. Select untagged with VLAN interface 1.2 and keep other things as default and click Next to continue.

Now it brings you to configuring external VLANs and IP addresses, provide the details as per the task. Select untagged VLAN interface 1.1 and keep everything else as default. Click Finished.

Now the main page appears wherein you can start configuring the LTM and ASM modules. Here you can see that both modules are appearing on left panel.

If you want to check your configured VLANs, Go to the Main tab->Network->VLANs

You can also check self IPs which are just being created for internal and external VLANs, Go to the main tab->Network->Self IPs

Now you can configure both the Linux servers i.e. WebServer01 and webServer02 IP addresses 10.1.20.1/24 and 10.1.20.2/24 respectively. Both of these servers are in the internal subnet and connected to switch ports E1/0 and E1/1 which are in access VLAN 30. Switch port E0/2 is also in access VLAN 30 which is connected to BIGIP-SYSTEM interface E1.2.

Go to the switch and verify.

Here as per the requirements given in the tasks, you can configure IP addresses of the Linux Web servers. Take the console access and login to the WebServer01 using.

Username: root

Password: default

These are the Ubuntu operating system so the IP parameters can be changed by editing file

/etc/network/interfaces. You can use “nano” editor for this purpose which is already installed.

There are pre-configured IP parameters on the server which are as follows. Currently interface eth0 is configured via DHCP and static is disabled using hash (#). In our case we will use static.

Disabled the interface configured for DHCP by putting hash (#) in front of the line and remove hash (#) from static and change the IP address to 10.1.20.1 and Netmask as 255.255.255.0 with gateway 10.1.20.245.

After making the required changes to the file. Use CTL X then Y then enter. It will save the changes and exit from the file.

Go to the file again and check the IP parameters they will have the new required IP parameters. Use CLT X to exit out of the file.

Use the command “service networking restart” to make changes into effect if that doesn’t work then reboot the server. Verify using “ifconfig eth0” command.

In our case we have to reboot our server to make the IP address changes into effect. Reboot will take 1-2 minutes.

After reboot verify the IP address once server is back online. Login again using same credentials root/default

Take the console access and login to the WebServer02

Username: root

Password: default

Similarly change the IP parameters of WebServer02. Once new required IP parameters are configured verify them using “ifconfig eth0” command.

Now check the connected from these webservers to BIGIP-SYSTEM internal self IP, they all are in the same subnet.

Setting UP F5 System Management - Part 1