F5 ARX-500 Hardware Installation Manual Download Page 40 | Manualshive

Page: 40 / 62

F5 ARX-500 Hardware Installation Manual Download Page 40

Chapter 3
Connecting the Switch to the Network

3 - 10

Installing a Redundant Peer or Cluster

If you are installing the second switch in a redundant pair (called an ARX
cluster) or if you are configuring a second ARX cluster in a Disaster
Recovery (DR) configuration, you need to provide additional information to
the initial-boot script because all members of the cluster share a common
master key.

Note

A master key is an encryption key for all critical-security parameters
(CSPs), such as administrative passwords.

Redundant switches must use the same master key because they share the
same users, groups, and passwords. In the case of of a DR configuration, all
four ARX devices must be configured with a common master key.

At the peer that is currently installed, enter the

show master-key

command

to create an encrypted copy of the master key.

The CLI prompts you for the following passwords:

• System password. The system password is entered at initial-boot time

and validates that you have permission to access the master key. See

Booting a Non-Replacement Switch, on page 3-4

.

The system password is 12 – 32 characters long.

• Wrapping password. The wrapping password is set with the

show master-key

command. The security software uses the wrapping

password to encrypt (and later decrypt) the master key string.

Enter 12 – 32 characters. At least one character in this password must be
a number (0-9) or a symbol (!, @, #, $, and so on).

Important

Save this password as you will need it to decrypt the master key on the new
switch.

The

show master-key

command outputs a base64-encoded string that is the

encrypted master key. Save this string and the wrapping password that you
set in the command.

The following example shows the master key on a switch named

provB

:

provB#

show

master

‐

key

System

Password:

%uper$ecretpw

Wrapping

Password:

an0ther$ecretpw

Validate

Wrapping

Password:

an0ther$ecretpw

Encrypted

master

key:

2oftVCwAAAAgAAAApwazSRFd2ww/H1pi7R7JMDZ9SoIg4WGA/XsZP+HcXjsIAAAADDR

bMCxE/bc=
provB#

...

«
...
38
39
40
41
42
...
»

Summary of Contents for ARX-500

Page 1: ...ARX 500 Hardware Installation Guide 810 0039 00 ...

Page 2: ......

Page 3: ...F5 DESIGN F5 Management Pack F5 Networks F5 World Fast Application Proxy Fast Cache FirePass Global Traffic Manager GTM GUARDIAN IBR Intelligent Browser Referencing Intelligent Compression IPv6 Gateway iApps iControl iHealth iQuery iRules iRules OnDemand iSession IT agility Your way L7 Rate Shaping LC Link Controller Local Traffic Manager LTM Message Security Module MSM Netcelera OneConnect OpenBl...

Page 4: ...o cause harmful interference in which case the user at his own expense will be required to take whatever measures may be required to correct the interference Any modifications to this device unless expressly approved by the manufacturer can void the user s authority to operate this equipment under part 15 of the FCC rules Canadian Regulatory Compliance This Class A digital apparatus complies with ...

Page 5: ...events depicted in examples herein are fictitious No association with any real company organization product domain name email address logo person place or event is intended or should be inferred Revision History October 2005 Rev A November 2005 Rev B minor CLI changes March 2006 Rev C change to show chassis and update Supported Protocols for 2 3 August 2006 Rev D updates for Software Release 2 4 O...

Page 6: ...vi June 2011 Rev R minor updates for Software Version 6 00 000 September 2011 Rev S updates for Software Version 6 1 0 July 2012 Rev T updates for Software Version 6 2 0 ...

Page 7: ...Table of Contents ...

Page 8: ......

Page 9: ...alling the Rack Handles 2 6 Rack Mounting the Switch 2 7 Securing the Chassis to the Rack optional 2 7 Installing the Bezel optional 2 8 Attaching the Power Cord 2 8 Powering On the Switch 2 9 Cabling 2 9 3 Connecting the Switch to the Network Identifying the Management Interfaces 3 3 Connecting the Console Interface 3 3 Booting the Switch 3 4 Booting a Non Replacement Switch 3 4 Preparing for Swi...

Page 10: ...Table of Contents x ...

Page 11: ......

Page 12: ...Table of Contents xii ...

Page 13: ...1 Introduction Audience for this Manual Document Conventions Related Documents Safety and Regulatory Notices Contacting Customer Service ...

Page 14: ......

Page 15: ...r input italic text appears for emphasis new terms and book titles Note Notes provide additional or helpful information about the subject text Important Important notices show how to avoid possible service outage or data loss WARNING Warnings are instructions for avoiding damage to the equipment DANGER Danger notices help you to avoid personal injury Related Documents In addition to this guide the...

Page 16: ...is is a Class A product based on the standard of the Voluntary Control Council for Interference by Information Technology Equipment VCCI If this equipment is used in a domestic environment radio disturbance may occur in which case the user may be required to take corrective actions Qualified Personnel Warning WARNING Only trained and qualified personnel should be allowed to install replace or serv...

Page 17: ...ained by service personnel through the use of a special tool lock and key or other means of security and is controlled by the authority responsible for the location ATTENTION Cet appareil est à installer dans des zones d accès réservé Ces dernières sont des zones auxquelles seul le personnel de service peut accéder en utilisant un outil spécial un mécanisme de verrouillage et une clé ou tout autre...

Page 18: ... l élément le plus lourd dans le bas Si le casier est équipé de dispositifs stabilisateurs installer les stabilisateurs avant de monter ou de réparer l unité en casier Power Electric Shock Warning WARNING To reduce the risk of electric shock disconnect the power supply cord before servicing the unit ATTENTION Pour éviter les risques d électrocution débrancher le cordon d alimentation avant de répa...

Page 19: ...n fusible ou qu un disjoncteur de 120 V alt 15 A U S maximum 240 V alt 10 A international est utilisé sur les conducteurs de phase conducteurs de charge Power Supply Disconnection Warning WARNING Before working on a chassis or working near power supplies unplug the power cord on AC units ATTENTION Avant de travailler sur un châssis ou à proximité d une alimentation électrique débrancher lecordon d...

Page 20: ...rvice F5 Networks Online Knowledge Base Online repository of answers to frequently asked questions http support f5 com F5 Networks Services Support Online Online customer support request system https websupport f5 com Telephone Follow this link for a list of Support numbers http www f5 com support support serv ices contact ...

Page 21: ...ls and Equipment Verifying Shipment Unpacking the Switch Installing the Slide Rack Mount Rails Installing the Rack Handles Rack Mounting the Switch Securing the Chassis to the Rack optional Installing the Bezel optional Attaching the Power Cord Powering On the Switch Cabling ...

Page 22: ......

Page 23: ...always check Before installing the switch locate the power button on the front control panel of the switch and make sure it is off LED not illuminated Disconnect the power cord and any power or external cables before moving the switch Recommended Tools and Equipment The following equipment is recommended for unpacking rack mounting and installing the switch Utility knife optional for the packaging...

Page 24: ...power cords and bezel are packed on top of the switch as shown in the following figure The Accessory Kit is at the bottom of the box under theARX 500 chassis Figure 2 1 ARX 500 Shipment Check the contents of the shipping crate to verify complete shipment which includes the following Mounting slide rails 1 left and 1 right Front bezel with 2 locking keys taped to the rear of the bezel Power cord ...

Page 25: ...from some physical shock such as a drop If the sticker is red examine the switch for physical damage 4 If you need to return the unit consult the instructions at AskF5 http www f5 com pdf customer support rma process pdf 5 Carefully lift the switch out of the box and place it on a stable surface 6 Verify the contents of the Accessory Kit contents listed above 7 Locate the slide rail rack mount ins...

Page 26: ...switch These instructions also explain how to install the switch into the rails Installing the Component into the Slide Rails Installing the Rack Handles Install one rack handle at each end of the front panel Use two screws for each handle Use the rack handles to push the chassis into or pull the chassis out of a densely populated rack Important Do not push on the disk drive faceplates The face pl...

Page 27: ...ails The following figure shows three ARX 500s front panel view no bezels rack mounted in the lower section of a Telco rack Figure 2 2 ARX 500 Switch Rack Mounted Securing the Chassis to the Rack optional To protect the chassis from sliding out of the rack during an extreme event such as an earthquake you can screw each rack handle to the slide rails One screw included in the Accessory Kit goes in...

Page 28: ...k it with one of the locking keys Attaching the Power Cord Locate the power button shown in the following figure on the front control panel of the switch and ensure it is not on power LED not illuminated DANGER In the event that AC power must be removed from the system disconnect the power cord to avoid electric shock Figure 2 3 Power Button Front View ...

Page 29: ... the AC outlet to the switch is properly grounded To power on the switch press the power button on the front control panel of the switch This illuminates the power LED above the button Cabling Ethernet cables are supplied by the customer For cable specifications and requirements see Power Cord and Cable Requirements on page 4 5 For cable connector and pinout information see Cable Connectors and Pi...

Page 30: ...n Connecting the Switch to the Network on page 3 1 which provides instructions and examples for the initial boot process You can cable the client server port any time after powering up the chassis You can also cable the redundancy link to its peer at any time To join the switches as a redundant pair follow the instructions in the ARX CLI Network Management Guide after the initial boot process is f...

Page 31: ...3 Connecting the Switch to the Network Identifying the Management Interfaces Connecting the Console Interface Booting the Switch Connecting the Out of Band Management Port ...

Page 32: ......

Page 33: ...the initial boot process described in this chapter you can access only the serial console port You configure the out of band management port as part of the initial boot process Note The out of band management port is labeled 2 on the device After completing the initial boot process you can access the out of band management port For more information see Connecting the Out of Band Management Port on...

Page 34: ...uestions about license activation consult the ASKF5 Knowledge Base solution on that subject Launch a browser and enter http support f5 com kb en us solutions On the AskF5 Knowledge Base page enter the keyword sol12800 and click Search Booting a Non Replacement Switch The following example shows the simplest initial boot scenario booting a new non replacement switch that is either standalone or the...

Page 35: ...yes or no default no no The base registration key is used to activate the software license for this system 6 Enter the switch s base registration key in the format xxxxxxx xxxxxx xxxxx xxxx xxxxxxx default A362247 945361 27183 5068 9388182 Enter The crypto officer is the most privileged user in the system 7 Enter the crypto officer username in the format text 1 28 characters admin 8 Enter the cryp...

Page 36: ...s on using the GUI to set up network parameters or the ARX CLI Network Management Guide for detailed network configuration instructions Preparing for Switch Replacement The process of replacing a defunct switch is more complicated than the initial boot process for a new non replacement switch You can replace a single switch or a switch that is a member of a redundant pair The interview that runs d...

Page 37: ...ing the Private Subnet The next set of questions ask for the switch s private subnet the private VLAN for that subnet and the VLAN for a private metalog subnet If the failed switch was in a redundant pair and or Resilient Overlay Network RON the private subnets of the replacement switch should match those of the switch that failed Each ARX uses its private subnet for communication with other ARXes...

Page 38: ...nge logs on battery backed NVRAM possibly on a redundant peer Be sure this value does not conflict with existing VLAN IDs 10 Enter the switch s private subnet metalog VLAN in the format integer 1 4095 default 1003 1006 Enter Finding the UUID of the Failed Switch When a switch imports storage from backend file servers it marks each share with its UUID Universally Unique ID A replacement switch must...

Page 39: ...a2 10 1 49 60 minturnA None 0 days 02 00 16 ONLINE 3d17e8ce 571e 11dc 9852 ef323fbb290f 10 1 27 69 provA None 0 days 02 08 11 OFFLINE db922942 876f 11d8 9110 8dtu78fc8329 10 1 38 19 prtlndA prtlndB 0 days 02 07 59 ONLINE 876616f6 79ac 11d8 946f 958fcb4e6e35 10 1 23 11 prtlndB prtlndA 0 days 00 18 55 ONLINE 64dcab94 a2b6 11d8 9d25 bf2c991c83f9 10 1 23 12 bstnA Applying the UUID As shown in the prec...

Page 40: ...words System password The system password is entered at initial boot time and validates that you have permission to access the master key See Booting a Non Replacement Switch on page 3 4 The system password is 12 32 characters long Wrapping password The wrapping password is set with the show master key command The security software uses the wrapping password to encrypt and later decrypt the master...

Page 41: ... of software this example may not exactly match the text on your screen F5 ARX Startup This F5 ARX switch does not currently have critical system information programmed The following wizard prompts you for this information You can connect to the switch through the out of band management interface when you finish To restart the configuration program enter r at any prompt The switch s management por...

Page 42: ...t d7270d56 9e39 11d8 83e1 a21e0cbcc384 db922942 876f 11d8 9110 8dtu78fc8329 The base registration key is used to activate the software license for this system 11 Enter the switch s base registration key in the format xxxxxxx xxxxxx xxxxx xxxx xxxxxxx default A362247 945361 27183 5068 9388182 Enter The crypto officer is the most privileged user in the system 12 Enter the crypto officer username in ...

Page 43: ...g configuration file Processing configuration file boot config User Access Authentication Username admin Password mypassword SWITCH At this point the switch is ready for configuration through the GUI or CLI Confirm that the replacement switch is running compatible software and firmware with its peer then set it up The next sections describe this process Checking Software and Firmware Before Joinin...

Page 44: ...tworks Inc All rights reserved Running Release test1 rel Version 5 01 000 11927 Nov 23 2009 21 57 26 nbuilds Armed Release test1 rel Version 5 01 000 11927 Nov 23 2009 21 57 26 nbuilds Backup Release test3 rel Version 5 01 000 11927 Nov 23 2009 21 57 26 nbuilds System Configuration Version 501000 36 SWITCH uptime is 0 weeks 0 days 0 hours 8 minutes Accessing the Client Server Network The replaceme...

Page 45: ...work Layer in the ARX CLI Network Management Guide for a complete set of options and instructions Upgrading the Software and Firmware on the Replacement ARX If the replacement ARX is running an outdated release you must upgrade its software and firmware Use the stand alone instructions in Upgrading Software on page 6 1 of the ARX CLI Maintenance Guide If the software is more than two major release...

Page 46: ...tworks Inc All rights reserved Running Release test5 rel Version 6 02 000 14293 Dec 2 2011 20 04 01 nbuilds Armed Release test5 rel Version 6 02 000 14293 Dec 2 2011 20 04 01 nbuilds Backup Release test1 rel Version 5 01 000 11927 Nov 23 2009 21 57 26 nbuilds System Configuration Version 602000 21 SWITCH uptime is 0 weeks 0 days 0 hours 2 minutes Slot Admin ModuleType ModuleState FW Upgrade 1 Enab...

Page 47: ...s Summary 1 Upgrade available 3 Upgrade available 5 Upgrade available SWITCH firmware upgrade all Confirmation of this command commences a firmware upgrade on the entire chassis During the upgrade process the chassis reboots automatically to complete the upgrade process If this includes a bios upgrade this could take at least 30 minutes Proceed yes no yes System is resetting User Access Authentica...

Page 48: ...ork SWITCH cfg hostname provoA prtlndA cfg ip domain list wwmed com prtlndA cfg prtlndA cfg exit prtlndA If you copied the private subnet and mask from the defunct switch recall Matching the Private Subnet on page 3 7 this completes the switch replacement Otherwise the new switch learns its private subnet from its peer re configures itself and reboots A reboot is necessary to change the private su...

Page 49: ...ss the CLI use SSH with the interface and the crypto officer username for example ssh admin 10 1 38 19 For instructions on getting starting with ARX Manager see the ARX GUI Quick Start Network Setup For instructions and best practices for using the CLI see the ARX CLI Network Management Guide ...

Page 50: ...Chapter 3 Connecting the Switch to the Network 3 20 ...

Page 51: ...4 Maintenance Powering Down the ARX 500 POST Diagnostics Front Panel LEDs Rear Panel LEDs ...

Page 52: ......

Page 53: ...e device reboots and the system powers up POST power on self test diagnostics run to verify basic hardware integrity You can view any hardware failures at the system console through the show version and show chassis commands The following sample shows the output from the show version command provA cfg show version Copyright c 2002 2012 by F5 Networks Inc All rights reserved Running Release test3 r...

Page 54: ...Good Module Slot Ports Procs Card Xeon Sibyte Serial 1 2 2 ACM 2 0 GHz 4096 MB 700 MHz 512 MB 2415 Slot MAC Address HW Version Rework Deviation 1 000A49096F0F to 000A49096F10 A 7 4 0 Slot Reset CPLD Keeper CPLD BIOS Version 1 5 5 S5000 86B 10 00 0094 101320081858 Slot FPGA Version NSM Boot Version NSM Diag Version NSM BootLdr Version 1 macau 11 5 01 000 11898 5 01 000 11898 5 01 000 11898 Disk Usa...

Page 55: ...hich it is connected Blinking green light indicates network activity b NIC1 LED Not supported c Power LED Continuous green light indicates the system has power applied to it No light indicates the power is off d Hard drive activity LED Random blinking green light indicates hard disk activity IDE The hard disk is used by system management processes such as the CLI and GUI No light indicates no hard...

Page 56: ...d its port LEDs and system status LEDs Figure 4 2 ARX 500 Rear Panel LEDs Port LEDs The two communication ports on the ARX 500 the client server port and redundancy link port have two LEDs located in their lower corners Lower left Link status LED steady green indicates that the link is established Lower right Activity LED blinking yellow indicates packet traffic ACM Status LEDs There are four addi...

Page 57: ...ng table lists these colors status and module states Table 4 1 NVRAM LED LED Color Description Action Yellow NVRAM is in battery backup mode Off NVRAM is not in battery backup mode Table 4 2 ACM Status and Alarm LED Patterns Alarm Status Module State Off Green Online Red Green Blinking ACM failed or is powering down Off Yellow Blinking ACM powering up and running all POST tests Off Yellow Online P...

Page 58: ...wer PWR LED The following table lists the colors and states for the Power LED Table 4 3 Power LED LED Color State Description Action Green The power supply is functioning correctly Clear off Power problem Contact customer service ...

Page 59: ...Index ...

Page 60: ......

Page 61: ...ent port 3 3 connecting 3 18 management ports connecting 3 18 MGMT interface location on the ARX500 3 3 O Operational status LEDs 4 5 P Ports management console 3 3 POST diagnostics 4 3 Power cords attaching 2 8 Powering up the switch 2 8 R Rack mounting the switch 2 6 registering the license 3 4 Running the boot wizard 3 4 running the boot wizard 3 4 S Safety instructions 2 3 Serial console port ...

Page 62: ...Index Index 4 ...

Reviews:

No comments

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands