Part of managing a BIG-IP®
system involves configuring and maintaining a certain set of system properties. These properties consist of general platform properties such as the BIG-IP system host name, IP address, and passwords for its system administrative accounts.
The BIG-IP system has a management port to handle administrative traffic,
and TMM switch interfaces to handle application traffic. TMM switch interfaces
are those interfaces controlled by the Traffic Management Microkernel (TMM) service.
By default, DHCP is disabled for the management port on the BIG-IP
system. When enabled, DHCP uses UDP ports 67 and 68. On the first boot, the BIG-IP system contacts your DHCP server and obtains a lease for an IP address and default route for the management port, and DNS and NTP servers. You must then configure other system attributes, such as host name and domain name servers.
When DHCP is disabled, you manually configure the management port by
assigning an IP address and netmask to the port. The IP address that you assign to the management port must be on a different network than the self IP addresses that you assign to VLANs.
Additionally, if you intend to manage the BIG-IP system from a node on a
different subnet of your network, you can specify an IP address for the BIG-IP system to use as a default route to the management port.
Every BIG-IP system must have a host IP address. This IP address can be
the same as the address that you used for the management port, or you can assign a unique address. The default value is Use Management Port IP Address
Another of the general platform properties that you can specify is the time
zone. The many time zones that you can choose from are grouped into these categories: Africa, America, Antarctica, Arctic, Asia, Atlantic, Australia, Europe, Indian, and Pacific. You should specify the time zone region that most closely represents the location of the BIG-IP system you are configuring.
A BIG-IP system is typically part of a device group that synchronizes
configuration data across two or more BIG-IP devices and provides high availability (failover and connection mirroring).
To ensure that this operates successfully, you assign a device group (to the root
folder) to which you want to synchronize configuration data. All folders and sub-folders in the folder hierarchy inherit this device group as a folder attribute.
You also assign a floating traffic group to the root
folder. All folders and sub-folders in the folder hierarchy inherit this traffic group as a folder attribute.
Part of managing platform-related properties is maintaining passwords for
the system account. You can also configure the system to allow certain IP addresses to access the BIG-IP system through SSH.
When you ran the Setup utility on the BIG-IP system, you set up some
administrative accounts. Specifically, you set up the root
accounts. The root
accounts are for use by BIG-IP system administrators.
Users logging in with the root
account have terminal and browser access to the BIG-IP system. By default, users logging in with the admin
account have browser-only access to the BIG-IP system. You can use the General screen of the platform properties to change the passwords for root
accounts on a regular basis. To change a password, locate the Root Account
or Admin Account
setting, and in the Password
box, type a new password. In the Confirm
box, re-type the same password.
When you configure SSH access, you enable user access to the BIG-IP
system through SSH. Also, only the IP addresses that you specify are allowed access to the system using SSH.
To configure SSH access, locate the SSH Access
setting and click the Enabled
box. Then use the SSH IP Allow
setting to select either * All Addresses
or Specify Range
, which allows you to specify a range of addresses for which access is allowed.