Service Mapping F5 Big IP Connections - Authentication for TMSH - Specify the Management IP Address

James Behrens
Giga Guru

I've managed to get auditor credentials for our F5s. To test authentication, I am able to ssh using my new credentials then run the TMSH check command in the connections part of the F5 Pattern. show /sys version| grep Version

 

To do this, I have to SSH to a management IP for the F5. I've I try to SSH to any of the VIPs, I get: kex_exchange_identification: read: Connection reset by peer

 

When I look at the discovery log from my failed attempts to get it to read the IRules, It's clearly trying to connect to the VIP that equates to the LTM address I used for the entry point. Doing that, it is unable to run the TMSH check.

 

How can I get it to authenticate using the management IP that I have to use to SSH? Even when I look at the CI record for that F5 node, it does not list that management IP.

 

F5 Big IP - LTM Connections.png

1 ACCEPTED SOLUTION

James Behrens
Giga Guru

I solved my own mystery, the IP of the F5 needed to be set to one of the management IPs. 

View solution in original post

1 REPLY 1

James Behrens
Giga Guru

I solved my own mystery, the IP of the F5 needed to be set to one of the management IPs.