Saturday, 16 August 2014

F5 setup methods and tools

Setup methods and tools:

1. SSH client :- Used to access the F5 remotely. PuTTY is recommended.

2. Serial terminal client :- Used to get console access. Tera Term is recommended with default settings.

3. BIG-IP config script :- Used to configure the management IP and other network parameters.

4. BIG-IP web-based configuration utility :- Used to license the system and configure management access parameters.

5. Configuration worksheet :- Used to gather all the information required for the initial setup.

F5 port types

Below are the types of ports available on the F5.

1. Mgmt port :- Has a default IP address of 198.168.1.45/24, but no default gateway is configured. It must be re-addressed during initial setup to suit our network.

2. USB port :- Two ports are available to connect to other devices.

3. Console port :- A DB9 connector for connecting a serial console.

4. Ethernet port :- The number of available Ethernet ports varies depending on the model.

1 Gigabit RJ45 Ethernet ports are used to connect the F5 to the network as well as to the clients and servers.

The Ethernet ports are numbered top to bottom and left to right.

E.g. the top left port is 1.1, while the port below it is 1.2.

5. Failover port :- Also a DB9 connector, but used to connect to redundant equipment. It is located below the console port.

New Management User creation in Cisco WLC


Follow the steps below to configure a new management user in Cisco WLC.

Step 1. Before creating the user, check the password policies. They apply when you configure the password for the user.


Step 2. To add new management user, go to MANAGEMENT -> LOCAL MANAGEMENT USERS -> Click NEW.


Step 3. Configure the username and password. Password should meet the policies configured in step 1.

You can restrict the user's access by selecting the ReadWrite or ReadOnly option.


Step 4. Press Apply


Step 5. Check the Priority order.

Go to SECURITY -> PRIORITY ORDER -> MANAGEMENT USER.

Make sure LOCAL is at the top.


Step 6. You can also choose to enable controller access from wireless.

Go to Management -> Mgmt Via Wireless, check the box and press APPLY.


Downloading Customized Guest Web login page certificate in Cisco WLC


This document explains the step-by-step procedure to upload the certificate used for the web authentication login page.

Step 1.     Test the reachability of the FTP server from the WLC.


(Cisco Controller) >ping 192.168.1.10
Send count=3, Receive count=3 from 192.168.1.10

 
If there is a firewall between the controller and the FTP server, please open the FTP ports between them.

Step 2.     Select the FTP server


(Cisco Controller) >transfer download serverip 192.168.1.10


Step 3.     Configure the FTP username used to log in to the FTP server. We have used Cisco as the username.


(Cisco Controller) >transfer download username Cisco


Step 4.     Configure the FTP password used to log in to the FTP server. We have used Cisco as the password.


(Cisco Controller) >transfer download password Cisco


Step 5.     There are two options, FTP or TFTP, for downloading the certificate from the server to the WLC. We have selected FTP as the file transfer mode.


(Cisco Controller) >transfer download mode ftp


Step 6.     Select the file type webauthcert.



(Cisco Controller) > transfer download datatype webauthcert


Step 7.     Choose the filename.


(Cisco Controller) > transfer download filename cert.pem


Step 8.     Start the FTP download.


(Cisco Controller) >transfer download start

Mode............................................. FTP  
Data Type........................................ Site Cert    
FTP Server IP.................................... 192.168.1.10
FTP Server Port.................................. 21
FTP Path.........................................
FTP Filename..................................... cert.pem
FTP Username..................................... ftp-user
FTP Password..................................... *********

This may take some time.
Are you sure you want to start? (y/N) y

FTP Webauth cert transfer starting.

FTP receive complete... Installing Certificate.

Certificate installed.
  Reboot the switch to use new certificate.



Step 9.     Reset the system so that the new webauth login page certificate takes effect.


(Cisco Controller) >reset system

The system has unsaved changes.
Would you like to save them now? (y/N) y     ----------------------------<<<<<<<<<<<<<<<<<

Configuration Saved!
System will now restart!








Customized Guest Web login page in Cisco WLC



This document explains the step-by-step procedure to upload the web login page used for web authentication. All WLCs have a default Cisco login page. This method is used to upload a customised login page for web authentication.

1.     Before proceeding, please make sure that you take a backup of the configuration and license file. Please check the documents for the configuration and license backup procedure.

2.     Test the connectivity of the FTP server from the WLC.


(Cisco Controller) >ping 192.168.1.10
Send count=3, Receive count=3 from 192.168.1.10

 
If there is a firewall between the controller and the FTP server, please open the FTP ports between them.

3.     Select the FTP server


(Cisco Controller) >transfer download serverip 192.168.1.10


4.     Configure the FTP username used to log in to the FTP server. We have used Cisco as the username.


(Cisco Controller) >transfer download username Cisco


5.     Configure the FTP password used to log in to the FTP server. We have used Cisco as the password.


(Cisco Controller) >transfer download password Cisco


6.     There are two options, FTP or TFTP, for downloading the bundle from the server to the WLC. We have selected FTP as the file transfer mode.


(Cisco Controller) >transfer download mode ftp


7.     Select the file type webauthbundle.



(Cisco Controller) > transfer download datatype webauthbundle


8.     Choose the filename.


(Cisco Controller) > transfer download filename login.tar


9.     Start the FTP download.


(Cisco Controller) >transfer download start

Mode............................................. FTP  
Data Type........................................ Webauth Bundle
FTP Server IP.................................... 192.168.1.10
FTP Server Port.................................. 21
FTP Path.........................................
FTP Filename..................................... login.tar
FTP Username..................................... ftp-user
FTP Password..................................... *********

This may take some time.
Are you sure you want to start? (y/N) y

FTP transfer of Web authentication bundle starting.

FTP receive complete... extracting webauth files.

Customized Webauth files have been installed



10.  Reset the system so that the new webauth page takes effect.


(Cisco Controller) >reset system

The system has unsaved changes.
Would you like to save them now? (y/N) y     ----------------------------<<<<<<<<<<<<<<<<<

Configuration Saved!
System will now restart!
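
The controller extracts whatever is inside login.tar, so the archive is worth inspecting before it is placed on the FTP server. The Python check below is an added example, not part of the original post or any Cisco tool; the function names are hypothetical, and the requirement that the page be named login.html at the archive root is an assumption of the example.

```python
import io
import tarfile

REQUIRED = "login.html"  # assumption: name of the page the controller serves

def check_bundle(data):
    """Inspect the bytes of a webauth bundle and return a list of problems."""
    try:
        # "r:" accepts only an uncompressed tar; gzip or junk input is rejected.
        tar = tarfile.open(fileobj=io.BytesIO(data), mode="r:")
    except tarfile.TarError as exc:
        return [f"not a plain tar archive: {exc}"]
    problems, names = [], []
    with tar:
        for member in tar.getmembers():
            names.append(member.name)
            # Entries that would land outside the extraction directory.
            if member.name.startswith("/") or ".." in member.name.split("/"):
                problems.append(f"unsafe path: {member.name}")
            # Links and device nodes have no place in a login page bundle.
            if not (member.isfile() or member.isdir()):
                problems.append(f"not a regular file: {member.name}")
    if REQUIRED not in names:
        problems.append(f"{REQUIRED} missing from archive root")
    return problems

def make_tar(files):
    """Build an in-memory tar from {name: bytes}; used for constructed samples."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, body in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(body)
            tar.addfile(info, io.BytesIO(body))
    return buf.getvalue()

if __name__ == "__main__":
    # Constructed samples: one clean bundle, one with a traversal entry.
    good = make_tar({"login.html": b"<html></html>", "logo.jpg": b"\xff\xd8"})
    bad = make_tar({"../login.html": b"<html></html>"})
    print("good:", check_bundle(good))
    print("bad: ", check_bundle(bad))
```
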







Download Configuration from FTP server to Cisco WLC



This procedure is useful in WLC hardware failure scenarios where we have a configuration backup and need to load it onto the new WLC. We are assuming that the new and old WLC have the same hardware and software versions.

Step1. Perform the initial setup of the new WLC using the document Initial configuration set of WLC.

Step2. Before proceeding, please make sure that the new WLC has connectivity to the FTP server.


(Cisco Controller) >ping 192.168.1.10  ---<<<<<<<Assuming 192.168.1.10 is FTP server
Send count=3, Receive count=3 from 192.168.1.10

 
If there is a firewall between the controller and the FTP server, please open the FTP ports between them.

Step3. Select the FTP server


(Cisco Controller) >transfer  download serverip 192.168.1.10


Step4. Configure the FTP username used to log in to the FTP server. We have used Cisco as the username.


(Cisco Controller) >transfer  download  username Cisco


Step5. Configure the FTP password used to log in to the FTP server. We have used Cisco as the password.


(Cisco Controller) >transfer download  password Cisco


Step6. There are two options, FTP or TFTP, for downloading the configuration from the server to the WLC. We have selected FTP as the file transfer mode.


(Cisco Controller) >transfer  download mode ftp



Step7. Select the file type config.


(Cisco Controller) >transfer  download datatype config


Step8. Give the name of the configuration file.


(Cisco Controller) > transfer  download  filename config.txt


Step9. Start the FTP download.


(Cisco Controller) >transfer download start

Mode............................................. FTP  
FTP Server IP.................................... 192.168.1.10
FTP Server Port.................................. 21
FTP Path.........................................
FTP Filename..................................... Config
FTP Username..................................... cisco
FTP Password..................................... *********
Data Type........................................ Config File
Encryption....................................... Disabled

**************************************************
***  WARNING: Config File Encryption Disabled  ***
**************************************************


Are you sure you want to start? (y/N) y

FTP Config transfer starting.

File transfer operation completed successfully.


Step 10. The controller will reboot and come up with the new configuration. Verify the entire configuration before putting it into production.
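
The summary printed by transfer download start is the last point at which a cleartext transfer can be caught before answering y. The Python sketch below is an added example, not part of the original post or any Cisco tool; it parses that dotted summary and reports the two exposures visible in the output above (FTP mode and Encryption Disabled). The function names are hypothetical and the sample text is copied from Step9.

```python
import re

# A summary line is "Key......... Value"; the value may be empty (FTP Path).
FIELD = re.compile(r"^([A-Za-z][A-Za-z ]*?)\.{5,}\s*(.*)$")

def parse_summary(text):
    """Turn the dotted 'transfer download start' summary into a dict."""
    fields = {}
    for raw in text.splitlines():
        m = FIELD.match(raw.strip())
        if m:
            fields[m.group(1).strip()] = m.group(2).strip()
    return fields

def audit(fields):
    """Return findings for settings that expose the file on the wire."""
    findings = []
    mode = fields.get("Mode", "").upper()
    if mode == "FTP":
        findings.append("FTP sends the login and the file in cleartext")
    elif mode == "TFTP":
        findings.append("TFTP sends the file in cleartext with no login")
    if (fields.get("Data Type") == "Config File"
            and fields.get("Encryption", "").lower() == "disabled"):
        findings.append("config file is transferred without encryption")
    return findings

# Constructed sample: the summary printed in Step9 above.
SAMPLE = """\
Mode............................................. FTP
FTP Server IP.................................... 192.168.1.10
FTP Server Port.................................. 21
FTP Path.........................................
FTP Filename..................................... Config
FTP Username..................................... cisco
FTP Password..................................... *********
Data Type........................................ Config File
Encryption....................................... Disabled
"""

if __name__ == "__main__":
    for finding in audit(parse_summary(SAMPLE)):
        print("WARNING:", finding)
```
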


Internal DHCP SCOPE in Cisco WLC via GUI


The wireless controller can be configured as the DHCP server for SSIDs.

Step1. Create a new DHCP scope.
Go to CONTROLLER -> INTERNAL DHCP SCOPE -> DHCP SCOPE and click NEW.



Step2. Give the scope a name and press APPLY.


Step3. Click the scope name to edit it.
 

Step4. Create the scope pool.

Please choose the values carefully. A wrong selection may create problems for the users.


Step 5. Go to CONTROLLER -> INTERFACE and choose the appropriate interface.
Make sure to add the controller management IP address in the DHCP server fields.

Step 6. Go to CONTROLLER -> INTERNAL DHCP SERVER -> DHCP ALLOCATED LEASES and check the currently allocated DHCP IP addresses.


Step 7. When the WLC is acting as the DHCP server, please make sure that the DHCP PROXY setting is enabled.


Step 8. Save the configuration.



Step 9. Please add the management IP of the controller as the DHCP server in the dynamic interface which is mapped to the SSID.



Step 10. Map the interface to the SSID. Go to WLAN -> WLANs -> click the WLAN ID -> and choose the interface accordingly.