SSL management access down

Question

Hi, 
&nbsp; After a power outage I can't connect to a BIG-IP 3400 9.4.5 via either ssh or https.  Using the console I restarted sshd, httpd and tomcat4.  The services seem to come up but I still couldn't connect.  I rebooted the box and the same problem exists.  In the httpd error log  - 16:10:15 DevF5 httpd[18694]: [warn] RSA server certificate CommonName (CN) `DevF5.manage.lpo' does NOT match server name!? 
&nbsp;  
&nbsp; Intermittently I can telnet to port 22/443 and connect when I ssh using putty the key doesn't seem to download. 
&nbsp; Has anyone seen this issue before?  Any help appreciated.   
&nbsp;  
&nbsp; Tks, 
&nbsp; D

the_bhattman · Answer

Perhaps the SSL device cert was corrupted or missing. 
&nbsp; To Take you to the F5 knowledge base that has instructions on recreating the SSL device certificate with Open SSL Click here 
&nbsp; Hope this helps. 
&nbsp; CB

hooleylist · Answer

Hi, 
&nbsp;  
&nbsp; If both SSH and HTTPS connection attempts fail intermittently, I'd guess it's a network level issue rather than a daemon issue.  If you check the 'b interface' output does it show mgmt as UP?  Ideally it should be 100 FD.  If you run a tcpdump on eth0 do you see packets making it to/from the mgmt port (tcpdump -ni eth0)? 
&nbsp;  
&nbsp; Aaron

Forum Discussion

SSL management access down

2 Replies

Recent Discussions

Issue on license renewal

Maximum throughput of f5 ltm

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

F5's Access Policy Manager the Access Proxy for Zero Trust Architectures

F5 BIG-IP Access Policy Manager (APM) Identity-based steering with SSL Orchestrator (SSLO)