Part of managing a BIG-IP®
system involves configuring and maintaining a certain set of system properties. These properties consist of general platform properties such as the BIG-IP system host name, IP address, and passwords for its system administrative accounts.
To assign an IP address to the management port, you can either use the
Dynamic Host Configuration Protocol (DHCP), or you can specify an IP address manually, using the BIG-IP Configuration utility.
Every BIG-IP system has a management port.
The management port
is a special interface that the BIG-IP system uses to receive or send certain types of administrative traffic. You cannot use the management port for normal traffic that is slated for load balancing. Instead, the BIG-IP system uses the TMM switch interfaces for that type of traffic. TMM switch interfaces
are those interfaces controlled by the Traffic Management Microkernel (TMM) service.
Configuring the management port of a BIG-IP system means assigning an IP
address to the port, supplying a netmask for the IP address, and specifying an IP address for the BIG-IP system to use as a default route. The IP address that you assign to the management port must be on a different network than the self IP addresses that you assign to VLANs. Note that specifying a default route for the management port is only necessary if you intend to manage the BIG-IP system from a node on a different subnet.
Every BIG-IP system must have a host IP address. This IP address can be
the same as the address that you used for the management port, or you can assign a unique address. The default value is Use Management Port IP Address
Another of the general platform properties that you can specify is the time
zone. The many time zones that you can choose from are grouped into these categories: Africa, America, Antarctica, Arctic, Asia, Atlantic, Australia, Europe, Indian, and Pacific. You should specify the time zone that most closely represents the location of the BIG-IP system you are configuring.
A BIG-IP system is typically part of a device group that synchronizes
configuration data across two or more BIG-IP devices and provides high availability (failover and connection mirroring).
To ensure that this operates successfully, you assign a device group, to the root
folder, to which you want to synchronize configuration data. All folders and sub-folders in the folder hierarchy inherit this device group as a folder attribute.
You also assign a floating traffic group to the root
folder. All folders and sub-folders in the folder hierarchy inherit this traffic group as a folder attribute.
Part of managing platform-related properties is maintaining passwords for
the system account. You can also configure the system to allow certain IP addresses to access the BIG-IP system through SSH.
When you ran the Setup utility on the BIG-IP system, you set up some
administrative accounts. Specifically, you set up the root
accounts. The root
accounts are for use by BIG-IP system administrators.
Users logging in with the root
account have terminal and browser access to the BIG-IP system. By default, users logging in with the admin
account have browser-only access to the BIG-IP system. You can use the General screen of the platform properties to change the passwords for root
accounts on a regular basis. To change a password, locate the Root Account
or Admin Account
setting, and in the Password
box, type a new password. In the Confirm
box, re-type the same password.
When you configure SSH access, you enable user access to the BIG-IP
system through SSH. Also, only the IP addresses that you specify are allowed access to the system using SSH.
To configure SSH access, locate the SSH Access
setting and click the Enabled
box. Then use the SSH IP Allow
setting to select either * All Addresses
or Specify Range
, which allows you to specify a range of addresses for which access is allowed.