JoeTheFifth
Jun 22, 2017

2 LTM VE Config

Quick question: For testing purposes I configured an LTM VE trial edition, management IP: 192.168.8.70. I then copied the VM, started the copy and configured it with a different management IP: 192.168.9.70. My computer is connected to both VMware networks, 192.168.8.0 and 192.168.9.0. Here is what happens: the first LTM to start is available through the management IP (Web GUI). I tried to figure it out but didn't have time to look into it. I'm going to look into it tomorrow but thought I'd ask you guys if you have a quick tip on what's going on. Cheers!

 

3 Replies

  • On second thought, I guess it is due to a MAC address conflict. I'll have to generate new MAC addresses for the clone VM.

     

  • At the VMware level you will probably have MAC issues as you indicate, but definitely at the BIG-IP level you will have issues with licensing. The BIG-IP VE is automatically configured during the first system boot with a unique REST device ID and secure shell (SSH) keys. When the BIG-IP VE is cloned these values become part of the cloned instance. In environments where multiple BIG-IP clone instances are run, the duplicate REST ID and SSH keys can cause access and management conflicts. The cloned BIG-IP VE instance will have an identical /config/f5-rest-device-id key value of the original instance. BIG-IP VEs that are managed by a BIG-IQ system that shares the same f5-rest-device-id key value can cause a conflict regarding the BIG-IQ system's ability to discover or manage the BIG-IP VE clone instances. The cloned BIG-IP VE instance will have identical SSH keys as the original instance, and may be presented as a security risk in some environments.

     

    K44134742

     

    Regards,

     

  • Absolutely agree. What I wanted to test is to have two separate devices not talking to each other or part of a cluster, just like two companies or two separate networks communicating only through HTTPS. And the issue was indeed a MAC address conflict. I could have configured a new trial version device but I wanted to make this clone method work as it is a quick way to test. I had a snapshot of the original VM made just after the licence. I took a copy of this snapshot. In VMware you have to choose 'I moved this' instead of 'I copied this', as copying will make VMware generate new hardware (machine and NIC) IDs and this will expire the trial version. Important: the snapshot was made before starting the device setup; only the license step was carried out. I added 3 NICs to this copy, started it, and VMware generated different MACs for the three new devices. I shut the VM down and then removed the initial three VM NICs. I started the machine and initiated the config with the 'config' command. I had to do it two or three times before the command started the config screen. And now I have two VE VMs to play with. I need to simulate two perimeter networks with a complex APM/ADFS certificate/AD/LDAP/Kerberos auth :-) Cheers!
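
Added example, not part of any reply in this thread: the second reply notes that a cloned BIG-IP VE keeps the original's SSH keys. This sketch groups hosts by SSH host key fingerprint from `ssh-keyscan`-format lines to find such clones. The key blobs and the hosts 192.168.10.5 and 192.168.11.5 are constructed sample data, and the function names are hypothetical.

```python
import base64
import binascii
import hashlib
from collections import defaultdict


def fingerprint(b64_blob: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a base64 public key blob."""
    raw = base64.b64decode(b64_blob, validate=True)
    digest = base64.b64encode(hashlib.sha256(raw).digest()).decode()
    return "SHA256:" + digest.rstrip("=")


def find_shared_host_keys(keyscan_text: str) -> dict:
    """Map fingerprint -> sorted hosts, only for keys seen on 2+ hosts."""
    hosts_by_fp = defaultdict(set)
    for line in keyscan_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # ssh-keyscan banner lines start with '#'
        parts = line.split()
        if len(parts) < 3:
            continue  # not a "host keytype blob" line
        try:
            fp = fingerprint(parts[2])
        except (binascii.Error, ValueError):
            continue  # truncated or corrupt blob
        for host in parts[0].split(","):
            hosts_by_fp[fp].add(host)
    return {fp: sorted(h) for fp, h in hosts_by_fp.items() if len(h) > 1}


def _constructed_blob(seed: bytes) -> str:
    # Constructed placeholder in ssh-ed25519 wire layout, not a real key.
    wire = b"\x00\x00\x00\x0bssh-ed25519\x00\x00\x00\x20" + hashlib.sha256(seed).digest()
    return base64.b64encode(wire).decode()


CLONED = _constructed_blob(b"original-ve")
SAMPLE = "\n".join([
    "# 192.168.8.70:22 SSH-2.0-OpenSSH (constructed sample)",
    f"192.168.8.70 ssh-ed25519 {CLONED}",
    f"192.168.9.70 ssh-ed25519 {CLONED}",
    f"192.168.10.5 ssh-ed25519 {_constructed_blob(b'fresh-install')}",
    "192.168.11.5 ssh-ed25519 not*base64",
])

if __name__ == "__main__":
    for fp, hosts in find_shared_host_keys(SAMPLE).items():
        print(f"{fp} shared by {', '.join(hosts)}")
```

Any fingerprint reported for more than one management address indicates instances that came from the same image and still need fresh host keys.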