Applies To:

Show Versions Show Versions

Archived Manual Chapter: WANJet® Appliance Administrator Guide: 4 - Initial Configuration
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

This article has been archived, and is no longer maintained.


4

Initial Configuration


Logging on to the WANJet Web UI

After you complete the initial hardware configuration, using the LCD panel, a computer connected to the WANJet appliance's serial port, or a secure shell (SSH), you can set up the WANJet appliance using a browser-based interface, called the Web UI. By default, you can access the Web UI from any computer that is connected to the network, and can run a web browser.

This chapter describes how to log on to the WANJet Web UI and perform the basic configuration required for the WANJet appliance to start processing traffic. This basic configuration is also covered on the Quick Start Card that ships in the box with the WANJet appliance. If you have already performed the basic configuration steps on the Quick Start Card, you do not need to repeat them.

After you finish installing and configuring the WANJet appliance, you use the Web UI to administer the appliance and perform additional configuration. You need to log on to the Web UI of each WANJet appliance using the admin account to fully configure it.

Another account called roadmin is available to log on to the Web UI with read-only access to the configuration settings. You log on the same as you do for the admin account using roadmin as the user name and default password.

Note

If your web browser cannot access the Web UI, it may be because Web UI access is restricted to specific IP addresses. You can grant access through the console by specifying the IP address of the machine on which your browser runs. Once you have access, you can use the Web UI to change the list of addresses. See Granting Web UI access , located in Chapter 5..

To log on to the Web UI

  1. In a web browser, access the Web UI using HTTPS and port 10000 in this format:
  2. https://<WANJet_IP_address>:10000

    For example, if the IP address of the appliance is 192.168.168.102, type https://192.168.168.102:10000 in the web browser. (If you set up the Management port, use the Management IP address instead of the IP address of the WANJet appliance.)
    The Welcome screen opens where you can log on.

  3. Type the user name and password.
    The default user name is admin and the default password is admin (unless it was changed by a local administrator).
  4. Note: F5 Networks recommends that you change the default password to something more secure at your earliest opportunity. See Changing the Web UI passwords , located in Chapter 5, for details.
  5. Click the Log On button.
    The WANJet appliance Web UI opens.

To log on to the Web UI as a read-only administrator

  1. In a web browser, access the Web UI using HTTPS and port 10000 in this format:
  2. https://<WANJet_IP_address>:10000

    For example, if the IP address of the appliance is 192.168.168.102, type https://192.168.168.102:10000 in the web browser.
    The Welcome screen opens where you can log on.

  3. Type the user name and password.
    The default user name is roadmin and the default password is roadmin (unless it was changed by a local administrator).
  4. Note: F5 Networks recommends that you change the default password to something more secure at your earliest opportunity. See Changing the Web UI passwords , located in Chapter 5, for details.
  5. Click the Log On button.
    The WANJet appliance Web UI opens.

Using the Web UI

When you log on to the Web UI of a WANJet appliance, that appliance is considered to be the local WANJet appliance. All other WANJet appliances are remote WANJets appliances in relation to the one you are working on.

When you are logged on to the WANJet appliance, it remains available as long as you are using the Web UI. The WANJet appliance automatically logs you off after 30 minutes of inactivity.

The first screen that you see when you log on to the Web UI is the WANJet Status screen, which displays in the main browser frame. This screen displays a brief summary of the status, IP address, alias, and software version of each remote WANJet appliance. Figure 4.1 shows the parts of the Web UI.

 

Figure 4.1 WANJet appliance Web UI

For instructions on obtaining additional remote status information, refer to Status report , located in Chapter 8.

Dashboard

The Web UI, below the F5 logo, displays a variety of status indicators and shortcuts. This area, called the dashboard, is always visible, regardless of where you are in the Web UI.

The dashboard displays the following information:

  • WANJet appliance name and IP address
    The alias (name) and the IP address of the local WANJet appliance.
  • WANJet links
    The number of links to remote WANJet appliances, and a light showing the status of remote WANJet appliances:
    • A green light indicates that all links are active.
    • A red light displays if no links are active.
    • A yellow light displays if only some links are active.
    • For more information about each link, click the word Active on the screen to display the Remote Status report. For more information, see Status report , located in Chapter 8.

  • Current time and time active
    The current time on the local WANJet appliance and how long (in days, hours, and minutes) it has been active.
  • Optimized sessions
    The number of WAN sessions that the WANJet appliance is currently optimizing (this number includes all established sessions plus connections that are in the process of being optimized). This links to the Optimized Sessions report (this number lists only established sessions). For more information, see Optimized Sessions diagnostics , located in Chapter 8.
  • Passthrough sessions
    The number of WAN sessions that are passing through the WANJet appliance, without optimization. This links to the Passthrough Sessions. For more information, see Passthrough Sessions diagnostics , located in Chapter 8.

Navigation pane

The navigation pane is the area on the left of the screen, below the dashboard. It includes five sections that you can expand:

  • Reports
    Provides links for you to view reports and diagnostic logs depicting WANJet appliance performance.
  • Optimization
    Provides screens to set up the operational mode, optimization policies, application QoS, IT service policies, and WANJet appliance tuning.
  • Configuration
    Provides screens to allow you to configure local and remote WANJet appliances, interfaces, third party monitoring through SMTP, email alerts, and time.
  • Security
    Provides screens for changing the administrator passwords, setting up remote authentication, adding a PIN code for accessing the LCD (WANJet 400 and 500 only), and restricting access to the WANJet appliance based on IP addresses.
  • System
    Provides screens for you to view licensing information, backup and restore configuration settings, initiate an upgrade or boot from a different software image, or shut down the WANjet appliance.

To view other Web UI screens, expand a section in the navigation pane, on the left side of the screen, and click an option. Information displays in the main area of the screen. For example, if a step says to go to the Optimization Policy screen, expand Optimization and click Optimization Policy. The WANJet Optimization Policy screen replaces the WANJet Status screen in the main browser frame.

Main screen

The main screen is the area of the Web UI that contains reports showing information about WANJet appliance operations, or fields where you can configure how the WANJet appliance works.

Web UI links

The following links always appear at the top right of the Web UI:

  • User Manual
    Displays the current version of the WANJet® Appliance Administrator Guide in PDF format.
  • About
    Displays an informational screen that contains:
    • Information about the WANJet appliance hardware platform
    • WANJet appliance version and build number (required when contacting F5 Networks Technical Support)
    • Space to add your chassis serial number
    • Contact details for F5 Networks Technical Support
  • Logout admin
    Logs you off the Web UI. It changes to Logout roadmin if you are logged in as the read-only administrator.

Logging off the Web UI

To maintain the security of the WANJet appliance, you should log off when you are done using it. Figure 4.2 shows the location of the Logout button. The WANJet appliance automatically logs you off after 30 minutes of inactivity for added security.

 

 

Figure 4.2 Logout button

To log off the Web UI

  1. Click the Logout admin button in the upper right corner of the Web UI. If you are logged in as roadmin, the button reads Logout roadmin.
  2. A popup screen verifies that you really want to log off.

  3. Click OK.

Activating the license

You must activate the license associated with your WANJet appliance after setting the addresses. The WANJet appliance cannot optimize traffic until the license is activated. If you followed the instructions in the Quick Start Card, you may have already activated the license. (If the license is already activated, the WANJet Status screen displays License: OK.)

You can activate the license automatically or by using the manual procedure. You only need to activate the license once. When you update the WANJet appliance in the future, the license information is retained.

The license purchased for the WANJet appliance is associated with the bandwidth of the WAN link. To increase the bandwidth of that link, you need to contact F5 to obtain a new license, then activate it.

Automatic activation is the easiest method (and is the default method) because the WANJet appliance directly contacts the F5 licensing server and handles the activation. However, in certain cases, you may need to manually activate the license. For example, follow the manual procedure if the WANJet appliance does not have a direct connection to the Internet, or if it resides behind a firewall that does not allow for a direct Internet connection. You can try the automatic method first, and if you receive a message concerning a connection failure, then try the manual method.

To manually activate the license, you need an administrative workstation with a connection to the WANJet appliance and the Internet.

To activate the license automatically

  1. Log on to the WANJet appliance. (For details, see Logging on to the WANJet Web UI .)
    The WANJet Status screen opens.
  2. On the WANJet Status screen, next to License, click the Not entered link.
    The WANJet License Details screen opens.
  3. For Base Registration Key, you should see your registration key (filled in at the factory).
  4. Click Next.
    The EULA (End User License Agreement) screen opens.
  5. Read the EULA, and then click Accept if you agree to the conditions.
    The WANJet appliance automatically activates the license. When license activation is complete, the WANJet License Details screen opens and shows the current license date.
Note

If automatic license activation does not work, you can use manual activation instead, described in the next section.

To activate the license manually

  1. Log on to the WANJet appliance. (For details, see Logging on to the WANJet Web UI .)
    The WANJet Status screen opens.
  2. On the WANJet Status screen, next to License, click the Not entered link.
    The WANJet License Details screen opens.
  3. For Base Registration Key, you should see your registration key (filled in at the factory).
  4. Next to Activation Method, click Manual.
  5. Click Next.
    The Manual Activation screen opens.
  6. Select and copy the entire contents of the Dossier box (Ctrl + A, Ctrl + C).
  7. Click the Click here to access F5 Licensing Server link, located below the dossier.
    In a separate browser, the Activate F5 License screen opens.
  8. On the Activate F5 License screen, paste the dossier that you copied and click Next.
    The Activate F5 Product displays, still in a separate browser.
  9. Read the license, then select I have read and agree to the terms of this license and click Next.
    The license information is displayed on the Activate F5 Product screen.
  10. Select the entire license (Ctrl + A, Ctrl + C), and paste it into the Manual Activation screen after Step 3: License.
  11. Click Next.
    The WANJet License Details screen displays with the current license date.
  12. In the navigation pane, expand Reports and click Status.
    The license should now display as OK.

Basic WANJet appliance configuration

You must set up WANJet appliances in pairs, with one appliance on each side of the WAN link. You can perform the configuration steps for both appliances either on each physical appliance, or from a single computer by logging on to the Web UI remotely.

Figure 4.3 shows two WANJet appliances that are deployed in a point-to-point configuration.

 

 

Figure 4.3 Inline deployment in point-to-point configuration

The WANJet appliances in this example are connected as follows:

  • WANJet1 is in the data center and connects with local IP address 175.16.2.1.
  • WANJet2 is in a remote office and connects to the remote end of the private IP WAN link with IP address 10.2.0.1.

For this example, basic WANJet appliance configuration includes the following steps:

  • Naming the first WANJet appliance
  • Configuring multiple subnets (if required)
  • Defining the second WANJet appliance as a remote WANJet appliance on the first WANJet appliance
  • Naming the second WANJet appliance
  • Defining the first WANJet appliance as a remote WANJet appliance on the second WANJet appliance

Naming the first WANJet appliance

You configure WANJet appliances in pairs to optimize the traffic that flows between them. A pair of WANJet appliances consists of a local WANJet appliance and a remote WANJet appliance, one on either side of a WAN link. A typical configuration might include one WANJet appliance in a data center where company servers reside, and a second WANJet appliance on the other side of the WAN in an office where employees work.

You can start by naming the first WANJet appliance in the pair.

To name the first WANJet appliance

  1. Into a browser, type the address and port for the first WANJet appliance. For this example, you type the following URL in the browser for WANJet1:
  2. https://175.16.2.1:10000
  3. Log on to the Web UI.
    The user name is admin. The default password is admin.
  4. In the navigation pane, expand Configuration and click Local WANJet.
    The Local WANJet screen opens.
  5. In the WANJet Alias box, type a name for the WANJet appliance. For example:
  6. WANJet1
  7. Click the Save button.

Configuring multiple subnets

If your local area network has multiple subnets connected through a router, you need to configure the local router IP address and add the local subnets that you want to optimize to the WANJet appliance. You can add specific subnets, or you can optimize all local subnets.

Once the WAN link between the WANJet appliance pair is up, subnet specifications are automatically exchanged between the appliances. So, for example, the local subnets specified on WANJet1 appear as remote subnets on WANJet2, and local subnets on WANJet 2 appear as remote subnets on WANJet 1.

Before performing the following steps, verify that you require additional subnets, and decide whether you want to optimize all of them or selected subnets.

To configure multiple subnets

  1. In the navigation pane, expand Configuration and click Local WANJet.
    The Local WANJet screen opens.
  2. In the LAN Router box, type the router's IP address.
    This address is the next-hop router in your LAN.
  3. Click the Save button.
  4. In the navigation pane, expand Optimization and click Optimization Policy.
    The Optimization Policy screen opens.
  5. Check the Include WANJet Subnet box, if it is not already checked (by default, it is checked).
  6. Note: If you do not check this box, you must have a specific reason for not optimizing the traffic from the subnet that includes the first WANJet appliance.
  7. Specify how you want to optimize subnets.
    • If you want to optimize all subnets, check the Optimize All Subnets box and skip to step 13.
    • If you want to optimize selected subnets, continue with steps 7-12 to add them.
  8. Click the Add button beneath Local Subnet.
    The Add Local Subnet screen opens in a separate browser window.
  9. In the Local Subnet box, type the IP address for the subnet.
    You can use the shorthand address format of, xxx.xxx.xxx.xxx/nn, to provide both the subnet address and the subnet mask. For example:
  10. 175.16.2.0/24

    Where /24 means that the first 24 bits of the address must match the local subnet address and the address of any host in the subnet is defined by the last 8 bits of the address. For example, 175.16.2.6 is a valid address for the subnet defined in this configuration example.

  11. In the Netmask box, type the subnet mask. For example:
  12. 255.255.255.0
    Note: If you entered the subnet address in the /nn format, as described in the previous step, the system automatically populates the corresponding subnet mask box.
  13. In the Alias box, type a string to serve as a name for the subnet.
    For example:
  14. Subnet A
  15. For Operational Status, click the Enabled button.
  16. Click the OK button.
    The Optimization Policy screen displays with the new subnet in the list of local subnets.
  17. Click the Save button.
  18. Repeat steps 7 through 13 to add as many subnets as required.

Defining the second WANJet appliance as a remote WANJet appliance

After you finish adding subnets to the first WANJet appliance, define the second appliance as a remote WANJet appliance of the first one.

To define the second WANJet appliance as a remote WANJet appliance

  1. In the navigation pane, expand Configuration and click Remote WANJets.
    The Remote WANJets screen opens.
  2. Click the Add button.
    The Manage Remote WANJet screen displays in a new browser window.
  3. Leave the WANJet Type set to Single.
  4. Note: For information about configuring redundant WANJet appliances, refer to Configuring redundant peers , located in Chapter 6.
  5. In the WANJet IP box, type the IP address for the remote WANJet appliance. For example:
  6. 10.2.0.1
  7. In the WANJet Alias box, type a name for the remote WANJet appliance. For example:
  8. WANJet2
  9. Leave the WANJet Port setting.
  10. In the Shared Key box, type the shared key that was assigned by the network administrator. The only requirement for the key is that it matches the key added for its partner on the corresponding system pair. For this example, you must use the same key when adding WANJet1 as a remote WANJet appliance to WANJet2.
  11. Leave the Local GRE IP and Remote GRE IP addresses blank unless you are using GRE tunneling between two routers with a one-arm WANJet appliance configuration.
  12. Click the OK button.
    The browser window closes.
  13. On the Remote WANJet screen, click the Save button.
    The new remote WANJet appliance appears in the Remote WANJet appliance list.

Naming the second WANJet appliance

After you finish configuring the first WANJet appliance, you can configure the second WANJet appliance in the pair. The second WANJet appliance must already be installed as described in the Quick Start Card included in the shipping box.

To name the second WANJet appliance

  1. Into a browser, type the address and port for the second WANJet appliance. For example, you could type the following URL in the browser for WANJet2:
  2. https://10.2.0.1:10000
  3. Log on to the Web UI.
    The user name is admin. The default password is admin.
  4. In the navigation pane, expand Configuration and click Local WANJet.
    The Local WANJet screen opens.
  5. In the WANJet Alias box, you may type a name for the WANJet appliance. For example:
  6. WANJet2
  7. Click the Save button.

Configuring multiple subnets on the second WANJet appliance

If you have defined a LAN router and added subnets for WANJet1, you must do the same for WANJet2, unless WANJet2 is on a simpler LAN. Refer to steps 1-11 in Configuring multiple subnets , for instructions.

Defining the first WANJet appliance as a remote WANJet appliance

After you have named the second WANJet appliance, define the first appliance as a remote WANJet appliance on the second WANJet appliance.

To define the first WANJet appliance as a remote WANJet appliance

  1. In the navigation pane, expand Configuration and click Remote WANJet.
    The Remote WANJets screen opens.
  2. On the Remote WANJets screen, click Add.
    The Manage Remote WANJet screen displays in a new browser window.
  3. In the WANJet IP box, type the IP address for the remote WANJet appliance. For example:
  4. 175.16.2.1
  5. In the WANJet Alias box, type a name for the remote WANJet appliance. For example:
  6. WANJet1
  7. In the Shared Key box, type the shared key.
    This key is assigned by the network administrator. The only requirement for the key is that it matches the key added for its partner on the corresponding system pair. For this example, you must use the same key when adding WANJet2 as a remote WANJet appliance to WANJet1.
  8. Leave the settings as they are for WANJet Type and WANJet Port.
  9. Leave the Local GRE IP and Remote GRE IP addresses blank unless you are using GRE tunneling between two routers with a one-arm WANJet appliance configuration.
  10. Click the Logoff button.
  11. Close the browser window.

Testing connectivity

When the WAN link is established between the WANJet pair, the two WANJet appliances automatically exchange subnet specifications. For example, the local subnets that you specify for WANJet A become remote subnets for WANJet A in WANJet B's Remote WANJet appliance configuration information.

You can test the connectivity between the local and remote WANJet appliances by viewing the following details on each:

  • Status of remote WANJet appliance(s)
  • Traffic passing through network
  • Diagnostics

For additional information about WANJet appliance reports, such as those described in the following procedures, see Chapter 8, Monitoring Performance .

To view the status of the remote WANJet appliance

In the navigation pane, expand Reports and click Status.
A green light displays next to the IP address for remote WANJet appliances that are enabled and connected.

To view traffic passing through the network

  1. In the navigation pane, expand Reports and click Comparative Throughput.
  2. Click Total Throughput, Sent Throughput, and Received Throughput to view the various reports.

To view diagnostics

  1. In the navigation pane, expand Reports and click Diagnostics.
    The Diagnostics screen opens.
  2. From the Connectivity menu, choose Remote WANJets.
    The Diagnose Remote WANJet report opens.
  3. Review the status of each remote WANJet appliance.
    The status should be Active.

Additional configuration tasks

The initial configuration steps described in this chapter are only the minimal steps you need to take to establish a WAN link between two WANJet appliances and start optimizing traffic between the two.

When you have completed the initial configuration steps, we recommend (but do not require) that you perform additional administrative tasks, such as the following:

  • Change the Web UI password, see Chapter 5 .
  • Use the Management port, see Chapter 5 .
  • Synchronize the time automatically, see Chapter 5 .
  • Configure email alerts, see Chapter 6 .
  • Adjust tuning settings, see Chapter 6 .

You can also fine-tune the optimization policies for the WANJet appliances. Refer to Creating optimization policies , located in Chapter 6.

Troubleshooting

One of the first steps we recommend for troubleshooting the WANJet appliance is to create a system snapshot immediately. It provides detailed information about the WANJet appliance, including:

  • Date and time of the snapshot
  • WANJet appliance version and build number
  • Connection counts
  • System and network status
  • Recent errors
  • Status and configuration settings of the interfaces

Refer to System Snapshots , located in Chapter 8, for information on taking a system snapshot. You can provide the system snapshot to the F5 Networks Technical Support team to help resolve technical issues.

Some common problems are listed in Table 4.1 . If you are experiencing an issue that is not included in the following table, contact http://www.f5.com/customer_support/ for assistance.

Table 4.1 Troubleshooting suggestions 
Issue
Suggested actions
I cannot ping the WANJet appliance.
Verify that the computer from which you are pinging has a valid network connection.
Try pinging other known devices.
Verify that you are using the correct IP address for the appliance, by reading it from the LCD display.
I can ping the WANJet appliance, but I cannot ping the WAN gateway.
Verify that the cabling is connected properly, as described in the Quick Start Card.
Make sure that you connected the gateway router to the WANJet appliance's WAN port, using the supplied crossover cable.
I cannot see that the WANJet appliance is optimizing traffic, or the optimization is extremely low.
Review your configuration of local and remote subnets at both appliances. You might have heavy traffic on a subnet that is not included in the WANJet appliance's configuration. You must include all subnets for which traffic should be optimized.
My browser connection times out when I attempt to access the Web UI.
Check to see that you are accessing the correct URL for the Web UI. If you enter just http:// followed by the WANJet appliance's IP address, it will not work. You must connect to port 10000 using the secure HTTPS protocol. For example: https://123.123.123.123:10000/
When I attempt to access the Web UI, I get a Page Not Found error.
If you are certain that you entered the URL correctly and the WANJet appliance appears to be running, it may indicate that the computer from which you are running your web browser does not have access to the Web UI. Although the default setting grants access to all machines, that setting can be changed to limit access based on IP address.
Use the LCD to add your computer's IP address to the list for access. After that, use the Web UI to change the access settings. For instructions, see Granting Web UI access , located in Chapter 5.
I can access the Login screen for the Web UI, but my browser connection times out when I try to log on.
This issue can occur when the WANJet appliance is not able to access the RADIUS authentication server or when the Timeout and NRetry variables are set too high. See To configure the WANJet appliance for remote RADIUS authentication , located in Chapter 5.
Log on as a local user, using the admin user name and a default password of admin (note that the local administrator may have changed the default password). After you are logged in, in the navigation pane, expand Security and click Remote Authentication, and verify that RADIUS authentication is enabled.
Review the Timeout and NRetry values. F5 Networks recommends a value of 3 for each of these settings. If these settings are too high, authentication might take a long time to fail, causing the connection to time out. For information, see Configuring remote authentication , located in Chapter 5.
The Link LED (for the WAN or LAN port) does not light up.
Verify that the cables are installed properly on the WANJet appliance.
Check to see if the ports on the WAN router and the LAN switch connected to the WANJet appliance are set to autonegotiate. If either port is forced to a specific link speed and duplex value, you must set the WANJet port to match this value. For information about resetting the NIC configuration (link speed and duplex value) for a WANJet port, see Changing the interface speed , located in Chapter 6.
F5 Networks strongly recommends that if you force the link for one of the WANJet ports, you force the link for both ports. This prevents link problems in pass-through mode if power to the WANJet device is lost.

 




Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)