Applies To:

Show Versions Show Versions

Manual Chapter: Performing Basic Device Management
Manual Chapter
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

F5 Networks® Enterprise Manager is an appliance that simplifies the administrative tasks associated with managing multiple F5 Networks devices. Enterprise Manager also collects and stores information about managed devices in a database, which you can access through a web-based interface. The product is scalable, so as you add F5 devices to your network, you can manage them using Enterprise Manager.
Devices running BIG-IP® software version 9.3 or later
BIG-IP® Local Traffic Manager Virtual Edition version 10.2 or later
BIG-IP® Secure Access Manager version 8.0 or later
WANJet® version 5.0 or later
Although Enterprise Manager works with multiple versions of BIG-IP software, we recommend that you upgrade your managed devices to the latest version to ensure the most optimal performance.
When Enterprise Manager discovers a device, it adds it to the device list with the default IP address that you specified. While Enterprise Manager can see the device at this address, you must ensure that the managed device can communicate back to Enterprise Manager. You do this by verifying that the IP address for Enterprise Manager is properly configured. If it is not, then the device cannot communicate back to Enterprise Manager, and the software update functionality does not work properly.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Devices screen opens.
2.
In the Device list, click the device name of the device for which you want to set communication properties.
The Device Properties screen opens, displaying the current devices IP address (as discovered by Enterprise Manager) and the address of the devices Configuration utility.
3.
From the Device Properties list, select Advanced to display additional device properties.
4.
In the EM Address field, verify that the IP address correctly specifies the address of the Enterprise Manager system.
This is the address that the managed device uses to communicate with Enterprise Manager.
To ensure that the connection works in the other direction, you must test the connection from the command line of each managed device. To test the connection, you must have root access to the managed devices command line.
Note: If a managed device cannot communicate with Enterprise Manager, the message Device cannot contact EM appears in the Details column next to a device name on the device list.
2.
Type the following command where <EM_address> is the IP address of the Enterprise Manager system:
This command tests the ability of the managed device to communicate with Enterprise Manager on port 443.
A connected to <EM_address> message means that the device can properly communicate with Enterprise Manager.
Important: If you receive a connection refused message, you may need to change the IP address in the EM Address field on the Device Properties screen, or addresses specified in your NAT or SNAT.
On some managed devices, you can install different software versions on different boot locations. This gives you the opportunity to test different software or hotfix versions on a device before fully upgrading the device. If you have one software version installed on one boot location on a managed device, and a different software version installed on another boot location, you can use Enterprise Manager to reboot the device using the other boot image location.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Device list screen opens.
2.
Click the name of a device.
The Device Properties screen opens.
3.
On the menu bar, click Properties, and Boot Location.
The Boot Image Locations screen opens, displaying the active and available boot locations and the software installed on each.
5.
Click Reboot.
After you confirm the reboot, the device reboots and the screen refreshes to indicate the new active boot location.
By default, Enterprise Manager collects information once every 60 minutes, and displays that information on the Device List screen and devices General Properties screen. You can reduce the amount of management traffic by increasing this interval, or you can more closely monitor the state of devices by decreasing the interval.
Tip: You can refresh device information immediately at any time, by selecting devices and clicking the Update Status button on the Device List screen, or on the General Properties screen of a specific device.
1.
On the Main tab, expand Enterprise Management, and click Options and Devices.
The Device Options screen opens.
2.
In the Refresh Interval field, type a new interval value to adjust the number of minutes that the Enterprise Manager waits before requesting new information from each managed device.
3.
Click Save Changes.
Warning: If you delete a device from the Device List screen, Enterprise Manager removes from its database all associated configuration information for that device, such as alerts, certificate information, and device archives. If you add this same device to Enterprise Manager in the future, you must re-configure these settings.
With Enterprise Manager, you can get an immediate overview of the status of the devices in your network by viewing the status icons on the Device List screen. (You access the Device List screen by expanding the Enterprise Management on the Main tab and clicking Device.)
Status icons, as defined in Table 1.1, provide quick insight into the state of your network because they indicate whether Enterprise Manager is successfully connecting to all of your managed devices.
Active Mode
Indicates that the device is enabled and that the Enterprise Manager can connect to the device.
Standby Mode
Indicates that Enterprise Manager can connect to the device.
Offline Mode
Indicates that the device is enabled, but offline, and that the Enterprise Manager cannot connect to the device.
Forced Offline Mode
Indicates that only active connections to the device are allowed.
Impaired
Indicates that there is a communication error, but the device can still receive updates.
Maintenance Mode
Indicates that communication between Enterprise Manager and the managed device is disabled.
Device Replacement Mode
Indicates that communication between Enterprise Manager and the managed device is disabled for the purpose of replacing the managed device.
Unreachable
Indicates that Enterprise Manager cannot connect to the device. This could be due to many factors including a disconnected network cable, powered down or rebooting device, or network issues.
When Enterprise Manager cannot communicate with a managed device, the status icon appears with a red X in the middle of the device icon. There are a variety of reasons that Enterprise Manager might not be able to communicate with a managed device: The device is rebooting, the management cable became disconnected, or the iControl port was closed or blocked. If you notice a device unreachable icon, you can try to remotely log into the device to further investigate the devices status.
Tip: In addition to viewing the status of your devices, you can also create system alerts to notify individuals in your organization about certain conditions for the devices in your network. This can help you to respond quickly to issues with the managed devices, such as an expired certificate or an unreachable device. You can also configure these alerts to work with any existing network management servers in the network. See Overview of alerts, for more information.
Two of the more time consuming tasks of managing multiple devices are renewing the device license on each device, or acquiring an initial license. Enterprise Manager provides automated features to expedite the licensing process for all managed devices in the network.
Enterprise Manager automatically determines which devices need to be licensed and displays this information on the Device List screen. You can then configure a task using the License Device wizard to license or renew a license on as many devices as you need.
Using the License Device wizard, you can select the devices that you want to license, view and accept the End User License agreement (EULA) for each device (if required), and start a task that updates the license on the devices you select.
The License Device wizard automates the entire licensing process. It retrieves the license dossier from the managed device, sends it to the F5 Networks licensing server, acquires a new license from the server, and provides you the opportunity to back up the device configuration before renewing the license.
Note: Due to some licensing issues involving iControl communications, certain devices may require a software upgrade in order to successfully re-license the device. See SOL7702 on the AskF5 Knowledge Base (http://support.f5.com) for information about these licensing issues.
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List Screen opens.
2.
Click New Task.
The New Task screen opens
3.
For the Devices setting, select the License Device option.
4.
Click Next.
The Device Selection screen opens where you can select devices to include in the licensing task.
1.
From the Device List, select an option to specify the types of devices displayed.
2.
For Device Filter, select an option to further narrow the managed devices displayed.
4.
Click Next.
The system retrieves device license information, including the End User License Agreement (EULA) from the F5 licensing server. After the system retrieves license information, the system indicates which devices are ready for licensing by displaying Success. Alternately, the message may indicate EULA required. If any of the messages in the Details field indicate EULA required, then a Review EULAs screen opens.
5.
Click Next.
If EULAs are not required, skip to the To specify task options and start the license task.
Otherwise, accept the EULAs for the devices as described in the following procedure.
Note: Generally, when you first accept an End User License Agreement, you do not need to accept it again to renew a device license. However, if the EULA changes, you must accept the new EULA for each device that you want to re-license.
The Review EULAs screen presents all available license agreements, and you can switch between these agreements if there is more than one. You can also choose to accept all EULAs for all devices for a specific EULA.
1.
To view a different EULA (if available), in the EULA list, select a different EULA.
The Applies to Device(s) box changes to display the devices to which the EULA applies.
2.
To accept the EULA for all devices listed in the Applies to Device(s) box, select the check box next to Accept all EULAs and continue with device licensing.
4.
Click Next to move to the Task Options screen.
1.
On the Task Options page, select an item from each list to specify the task options.
For information about each option, click the Help tab.
Note: We recommend that you accept the default option to reboot each device after licensing.
2.
Click Next.
The Task Review screen opens.
3.
In the Task Name field, type an optional name for the task.
5.
To start the task, click Start Task.
While the system retrieves license information from the licensing server, a progress indicator appears on the screen, and the screen refreshes at regular intervals until all of the license information is retrieved.
Note: If you want to stop the screen from refreshing, in the Auto Refresh box, move your cursor over the countdown timer and click it.
A redundant system configuration is a pair of F5 Networks systems configured for failover. In a redundant system configuration, there are two units, often with one running as the active unit and one running as the standby unit. If the active unit fails, the standby unit takes over.
During the device discovery process, Enterprise Manager detects managed devices that are part of a redundant system. The device and its associated peer are displayed on the device properties screen.
Note: For more information about configuring redundant systems and different configurations of redundant systems such as an active-active configuration, see the TMOS® Management Guide for BIG-IP® Systems, or the WANJet® Appliance Administrator Guide.
When you use Enterprise Manager to manage a BIG-IP high availability system, you can switch the failover states of the managed device pair. You can use this feature to switch the modes of an active/standby or an active-active pair.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Devices screen opens.
2.
Move your cursor over the status icon to the left of a device name.
A tool tip displays, indicating the details about the devices status.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Devices screen opens.
2.
Click the device name of the device for which want to change the failover state.
The Device Properties screen opens, displaying the device and the peer state.
3.
Click Switch to Standby Mode and confirm the change.
The Device List screen opens, indicating the new state of the device and its peer.
You can remotely synchronize the configurations between managed peer devices in a BIG-IP high availability system. Before doing so, you must first enable the ConfigSync Auto-Detect setting on the managed device pair.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Devices screen opens.
2.
Click on the name of the device for which you want to enable ConfigSync auto-detect.
The Device Properties screen opens.
3.
Below the ConfigSync area, click Enable Auto-Detect.
The Device Properties screen refreshes, and ConfigSync status information appears in the ConfigSync area.
Note: The ConfigSync area displays only if the device you selected is configured for high availability.
1.
On the Devices screen, click the name of the device with which you want to synchronize its peer.
The Device Properties screen opens, displaying the current configuration information in the ConfigSync area.
To properly diagnose and address issues with F5 Technical Support, you are typically required to provide basic system and configuration information. Using Enterprise Managers Support Information wizard, you can easily gather the required information to provide to F5 Technical Support. The Support Information wizard saves you significant time, since you can collect this information centrally, rather than logging on to each individual device to copy configuration files and device information.
The Support Information wizard assists you in collecting important support data from one or more managed devices. Using the wizard, you can select the devices from which you want information and attach additional information about the configuration (if required).
Important: To gather support information, you are required to enter a case number. You must initiate a support case with F5 Technical Support and receive a case number before using the following procedure.
1.
On the Main tab, expand Enterprise Management, and click Tasks.
The Task List Screen opens.
2.
Click New Task.
The New Task screen opens
3.
For the Support setting, enable the Gather Support Information option.
4.
Click Next.
Continue working through the wizard screens, as described in the following pages, to collect support data.
1.
In the Case Number field, type the case number assigned to the support case.
2.
In the Additional Information field, type any notes or information that may assist support engineers in diagnosing and solving your support case.
3.
Click Next to move to the Step 2 of 4 screen.
You can add device data and attachments to the support information about the Step 2 wizard screen that appears after you specify a case number and notes.
1.
Click Add.
The Support Information screen opens.
Note: If required, your Technical Support representative will provide qkview parameters values for the support case. To add these parameters, select Advanced from the Add Devices list to display the qkview Parameters field where you can type the information.
2.
Select from the Device List, the types of devices you want to view.
3.
For Device Filter, select an option to further narrow the managed devices displayed.
5.
Click Retrieve Device Data.
The Gathering Device Support Information screen opens and displays a status of support information collection. The system may require several minutes to retrieve data from a managed device.
6.
After the system collects the device data, click Finished.
The Step 2 wizard screen opens again so that you can include attachments, if necessary.
On the Step 2 wizard screen, you can add attachments such as screen shots, error messages, or log files with the support data to send to F5 Technical Support.
1.
Above the File Attachments area, click Attach.
The Import Attachment screen opens.
2.
In the File Name field, type the path and file name of the file, or click Browse to open a dialog box to visually search for the file.
3.
Click Import to import the attachment.
The screen changes to indicate file importation status. After the file imports, the Step 2 wizard screen opens again.
4.
Click Next to move to the Step 3 of 4 screen.
On the Step 3 wizard screen, you can review the device information and attachments that you are gathering and select an upload destination for the support information. Depending on your selections, the screen may change to prompt you for additional information.
1.
From the Destination list, select a destination.
F5 Support Site
Uses the standard F5 support server and FTP to upload the information to a directory that matches the case number.
F5 Support Site
Uses the standard F5 support server and FTP to upload the information to a directory that matches the case number.
Custom Location
Allows you to specify a custom FTP server destination, and prompts you for more information.
Local Download
Saves the gathered support information in a compressed file on your local client system.

Note: If you select Local Download, you do not need to specify any additional settings.
2.
If you selected F5 Support Site, ensure that the email address in the Email Address field matches the email associated with the case number assigned to this support case.
3.
If you selected Custom Location, type the required information in the following fields.
FTP Server: The FQDN or IP address of the FTP server to which you are sending support information.
FTP Port: The port number of the FTP server.
FTP Login Name: The user name that the system uses to log on to the FTP server.
FTP Login Password: The password for the user name that the system uses to log on to the FTP server.
Destination Directory: The default directory on the remote system, where you send the support information. By default, the directory name corresponds to the support case number.
4.
Click Next to move to the Step 4 of 5 screen.
The Step 4 wizard screen prepares the support information you collected and sends it to the destination you specified on the Step 3 wizard screen. The screen refreshes at a regular interval until the support information is sent.
1.
If you selected Local Download on the previous screen, this screen provides a link. Click the link to save the save the data in a compressed file on the local client system.
2.
Click Finished to return to the New Task screen.
After you click Finished, Enterprise Manager removes the collected support data from its database.
Note: If the system does not successfully transmit support information to F5, click Back to return to the Step 3 screen so that you can verify the FTP information and Email Address.
In certain cases, you may need to perform maintenance on a managed device in the network or even replace a device. Before performing these tasks, you can use the Enterprise Manager to switch the device into maintenance mode. Maintenance mode is a device state in which communications between Enterprise Manager and the managed device are suspended so that you do not receive unnecessary alerts or configure tasks for a managed device that you know is offline.
While a device is in maintenance mode, Enterprise Manager does not refresh device information, nor trigger alerts for the device. Additionally, you cannot include in a management task any device in maintenance mode.
Important: Maintenance mode does not disable communications on the managed device itself. Maintenance mode only disables communication between Enterprise Manager and a managed device.
1.
On the Main tab, expand Enterprise Management, and click Devices.
The Device List screen opens.
2.
In the Device list, click the name of the device that you want to switch to maintenance mode.
The device Properties screen opens.
3.
Below the Device Properties area, click the Maintenance Mode button.
The Maintenance Management screen opens.
4.
From the Mode list, select one of the following options:
5.
In the Reason field, type a note to indicate the reason for enabling or disabling maintenance mode.
This text appears on the Device list and is noted in the Enterprise Manager audit log.
6.
Click Save Changes.
The Properties screen opens and the device state changes and the status icon on the screen and on the Device List screen changes to indicate the new state.
In certain cases, you may need to replace a managed device. You can use Enterprise Managers Maintenance/Replacement mode to assist you in tracking the steps required to replace the device.
When you change the state of a device to Replacement mode, the Device Replacement Checklist displays a list of common tasks for replacing a managed device. As you complete the necessary task to successfully replace the device, select the check box next to the task. This list provides you information about the state of all of the replacement tasks and access to each screen required to finish the tasks.
Put device into Device Replacement Mode
When you replace a device, you must place it into device replacement mode so that Enterprise Manager does not attempt to perform management tasks.
Create a UCS archive
When you replace a device, you should create an archive of the existing configuration so that you can use the same configuration on the replacement system. Click the Create UCS archive link to open the Devices: Archives screen to create an archive.
Replace physical hardware
Replace hardware in the device, or the device itself.
Discover Replacement Device
When you add a replacement device to the network, you must discover the device before Enterprise Manager can manage it. Click the Discover Replacement Device link to open the New Device screen where you can configure a discovery task for the new device.
Set host name on replacement device
When you later restore the UCS archive to the new device, setting the host name restores the additional general properties (such as IP address, time zone, and HA settings).
Licensing
Your licensing options depend on the type of replacement that you are performing and consist of the following.
New Device / RMA - Select this option when you are adding a new device or replacing a returned device. You can select to use the registration key on the new device.
Repurpose similarly licensed device - Select this option when you use the device for a different purpose in the network and you plan to use the currently licensed features.
Repurpose different licensed or unlicensed device using EXISTING registration key - Select this option when you use the device for a different purpose in the network and you plan to use different licensed features with the registration key currently assigned to the device. You can optionally select to use the existing registration key (with F5 Technical Support assistance) and you can re-license the device.
Repurpose different licensed or unlicensed device using NEW registration key - Select this option when you use the device for a different purpose in the network and you plan to use different licensed features with a new registration key. You can optionally set the new registration key (with F5 Technical Support assistance) and you can re-license the device.
Install software and hotfixes
After you license the new device, you can install software or hotfix upgrades, as needed.
Restore UCS archive (without license)
Restore the UCS archive that you archived earlier to ensure that the device configuration matches the device that you replaced.
Exit device replacement mode
Click the Exit device replacement mode link to set the device to active mode and open the device properties screen.
Table of Contents   |   << Previous Chapter   |   Next Chapter >>

Was this resource helpful in solving your issue?




NOTE: Please do not provide personal information.



Incorrect answer. Please try again: Please enter the words to the right: Please enter the numbers you hear:

Additional Comments (optional)