

Questions and Answers


Hi, I hope someone can help. I'm getting an SSH error when doing a gtm_add from a blank GTM and wanted to verify that FW rules allowed SSH. Is there a way I can telnet on port 22 to another GTM using the tmsh?


6 Answer(s):

Is run /util bash an option? You could then run telnet from there. If not, I suspect this isn't possible.
That didn't work. I can't believe that you can't telnet from within TMSH. This is version 11.1; if anyone knows, please let me know. Thank you.
OK, I guess you only have the option of using the run util test-monitor... command, it should suffice.

Not telnet, but have you considered using traceroute w/TCP? The syntax would be:

run util traceroute -T -p 22 


It times out just like regular traceroute if the destination cannot be reached. Seems to work fine on v11.1 and v11.2.
 

That worked, thank you so much. FW port seems to be opened...

Have you btw seen where you run the gtm_add and get stuck at the "enter root password if prompted"?

 

 

alm@nygtm01(Active)(/Common)(tmos)# run gtm gtm_add
WARNING: Running this script will wipe out the current configuration
files (bigip_gtm.conf, named.conf and named zone files) on the BIG-IP GTM
Controller on which this script is run.  The configuration will be
replaced with the configuration of the remote BIG-IP GTM Controller
in the specified sync group
The local BIG-IP GTM MUST already be added in the configuration of the
other GTM.

Are you absolutely sure you want to do this? [y/n] y

Enter the IP address of a remote GTM BIG-IP from which
you want to copy the configuration:
10.5.10.28

==> Running 'bigstart shutdown gtmd' on the local system
==> Running 'bigstart shutdown zrd' on the local system
==> Running 'bigstart shutdown named' on the local system
    Retrieving remote and installing local BIG-IP's SSL certs ...
Enter root password if prompted
ssh: connect to host 10.5.10.28 port 22: Connection timed out
ERROR: Can't read remote cert via /usr/bin/ssh.

Restarting gtmd
Restarting named
Restarting zrd

This worked too, thanks!
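The check discussed in this thread, written as a small script for an admin host where Python 3 is available (an added example, not code from any poster or from F5). It separates the "Connection timed out" case seen in the gtm_add output from a refused connection, and reads the SSH identification line to confirm that sshd itself answered. The function name probe_ssh and the state labels are assumptions made for this example.

```python
import errno
import socket
import sys


def probe_ssh(host, port=22, timeout=3.0):
    """Try one TCP connect and return (state, detail).

    state is one of:
      "open"     - handshake completed; detail is the SSH banner line, if any
      "refused"  - host answered with a reset: reachable, but nothing is
                   listening or a firewall is actively rejecting
      "filtered" - no answer before the timeout, which is what the
                   "Connection timed out" from ssh usually means when a
                   firewall silently drops the packets
      "error"    - any other failure; detail is the errno name
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("refused", "")
    except socket.timeout:
        return ("filtered", "")
    except OSError as exc:
        return ("error", errno.errorcode.get(exc.errno, str(exc)))

    with sock:
        try:
            # An SSH server sends its identification string first,
            # for example "SSH-2.0-...", terminated by CR LF.
            raw = sock.recv(255)
            banner = raw.split(b"\n", 1)[0].strip().decode("ascii", "replace")
        except OSError:
            # Port is open but nothing was sent within the timeout.
            banner = ""
    return ("open", banner)


if __name__ == "__main__":
    if len(sys.argv) < 2:
        sys.exit("usage: probe_ssh.py <remote-gtm-ip> [port]")
    target_port = int(sys.argv[2]) if len(sys.argv) > 2 else 22
    state, detail = probe_ssh(sys.argv[1], target_port)
    print(f"{sys.argv[1]}:{target_port} {state} {detail}".rstrip())
```

An "open" result whose banner does not start with "SSH-" means something other than sshd accepted the connection, such as a proxy or a different service on that port.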
