iQuery fails between GTM & LTM
POST EDITED
Hi all
Last night I attempted to enable iQuery between our GTMs and LTMs, however, it failed.
To walk through the steps here's what I did:
- Ensured the Self-IPs to which I would be establishing the iQuery to on the LTMs was set to Port Lockdown "Allow Default"
- Tested that iQuery, SSH and HTTPs weres not blocked via any firewalls: nc –v –s GTM IP <-> LTM IP 4353/22/443. All returned a success. Great!
- Attempted to run the bigip_add command from the GTM -> LTMs in DC1 by targeting the LTM Self-IPs: bigip_add4. Attempted to run the big3d_install command from the GTM -> LTMs in DC2 by targeting the LTM Self-IPs.
From the GTMs to one set of LTMs (in data centre 1) I received the following output:
Retrieving remote and installing local BIG-IP's SSL certs ...
Enter root password for -a if prompted
ssh: mkdir -p /config/big3d; if [ -e /config/httpd/conf/ssl.crt/server.crt ]; then cat /config/httpd/conf: Name or service not known
ERROR: Can't read remote cert via /usr/bin/ssh.
Enter root password for admin@x.x.x.x if prompted
ssh_exchange_identification: Connection closed by remote host
ERROR: Can't read remote cert via /usr/bin/ssh.
==> Done <==
On the other link, that is, the GTMs to the LTMs in data centre 2 I received a different problem:
Unable to retrieve version and platform information via iqsh for x.x.x.x
Attempting via ssh ...
Password: (Entered password 3 times)
Permission denied (publickey,keyboard-interactive,hostbased).
Unable to retrieve tmsh and/or big3d versions from x.x.x.x
Regarding the first issue I found an article that seems to describe our first problem:
“SOL13823:The bigip_add script fails to connect to BIG-IP systems running in Appliance mode”
http://support.f5.com/kb/en-us/solutions/public/13000/800/sol13823.html
However, our LTMs are not in appliance mode, but our GTMs are!? And in addition, we actually already have an iQuery between another pair of LTMs and these very same GTMs.
Regarding the second issue, as per the steps above the big3d versions were different so I attempted to run the big3d_install command. I'm wondering if the admin user I am putting in doesn't have the correct permissions. Currently the admin user does not have tmsh rights. Could this be the issue?
The versions we're running are:
GTMs: 11.2.1, LTM (DC1): 11.4.1, LTM (DC2): 10.1.0
Any advice?
Thank you