Forum Discussion

Mohanad_313515's avatar
Mohanad_313515
Icon for Nimbostratus rankNimbostratus
Jul 30, 2018

How to run configuration script on target BIG-IP

Hi Everyone,

I have BIGIP's in 2 sites, I need to copy only the new configuration to another site and vice versa without backup/restore UCS files to avoid re-active lic, provisioning, monitor alerting etc...

case 1: i have to copy the config to DR site for specific VS Case 2: i have to copy from DR BIGIP to Production BIGIP

so I took config files from both devices "bigip.conf" and "dr_bigip.conf" and run them against text compare and hereunder the differences, so how to pasted them on DR BIGIP

}
ltm node /Common/Corporate_Staging_Corpay {
    address x.x.x.x
}
--------------------------------------------------------------------------
}
ltm pool /Common/Corporate_Staging_Corpay {
    members {
        /Common/Corporate_Staging_Corpay:443 {
            address x.x.x.x
        }
    }
    monitor /Common/https 
}
--------------------------------------------------------------------------
}
ltm snatpool /Common/Corporate_Staging_Corpay_SNAT {
    members {
        /Common/x.x.x.x
    }
}
--------------------------------------------------------------------------
ltm profile client-ssl /Common/Corporate_Staging_Corpay_Client {
    app-service none
    cert /Common/ACH_Staging_Corpay.crt
    cert-key-chain {
        ACH_Staging_Corpay_ACH_Staging_Corpay {
            cert /Common/ACH_Staging_Corpay.crt
            chain /Common/ACH_Staging_Corpay.crt
            key /Common/ACH_Staging_Corpay.key
        }
    }
    chain /Common/ACH_Staging_Corpay.crt
    defaults-from /Common/clientssl
    inherit-certkeychain false
    key /Common/ACH_Staging_Corpay.key
    passphrase none
}
--------------------------------------------------------------------------
}
ltm profile server-ssl /Common/Corporate_Staging_Corpay_Server {
    app-service none
    defaults-from /Common/serverssl
}
--------------------------------------------------------------------------
}
ltm policy /Common/asm_auto_l7_policy__Corporate_Staging_Corpay {
    controls { asm }
    requires { http }
    rules {
        default {
            actions {
                1 {
                    asm
                    enable
                    policy /Common/Corporate_Staging_Corpay
                }
            }
            ordinal 1
        }
    }
    strategy /Common/first-match
}
ltm policy /Common/asm_auto_l7_policy__Customs-Pro-Temp {
    controls { asm }
    requires { http }
    rules {
        default {
            actions {
                1 {
                    asm
                    enable
                    policy /Common/Customs-Production-blocking
                }
            }
            ordinal 1
        }
    }
    strategy /Common/first-match
}
--------------------------------------------------------------------------
}
ltm virtual /Common/Corporate_Staging_Corpay {
    destination /Common/x.x.x.x
    ip-protocol tcp
    mask 255.255.255.255
    policies {
        /Common/asm_auto_l7_policy__Corporate_Staging_Corpay { }
    }
    pool /Common/Corporate_Staging_Corpay
    profiles {
        /Common/ASM_Corporate_Staging_Corpay { }
        /Common/Corporate_Staging_Corpay_Client {
            context clientside
        }
        /Common/Corporate_Staging_Corpay_Server {
            context serverside
        }
        /Common/HTTP-Xforwad { }
        /Common/tcp { }
        /Common/websecurity { }
    }
    security-log-profiles {
        /Common/QRadar
        /Common/Request&Response
    }
    source 0.0.0.0/0
    source-address-translation {
        pool /Common/Corporate_Staging_Corpay_SNAT
        type snat
    }
    translate-address enabled
    translate-port enabled
}
--------------------------------------------------------------------------
}
asm policy /Common/Corporate_Staging_Corpay {
    active
    encoding utf-8
    policy-template POLICY_TEMPLATE_FUNDAMENTAL
}
------------------------------------------------------------------------
}
security bot-defense asm-profile /Common/ASM_Corporate_Staging_Corpay {
    app-service none
}