Forum Discussion
Steps to be done will be:
- license RMA unit
- rekey RMA unit (f5mku) for succesful import of encrypted config
- restore UCS backup using no-license option (that will include all HA configurations and certs already)
You can optionally force offline RMA unit until you're ready to have it inline, I don't remember if this has an impact on HA link communication, it used to in older versions
- rack, wire (maybe only HA+mgt link first, then traffic links when unit has s.by role) & boot RMA unit
- optionally, failover the cluster and confirm traffic flows as intended
- success
Also if there is a DNS module there specific requerments for RMA:
https://support.f5.com/csp/article/K14083
Also see:
- Omar2Cirrus
Hello Sarovani,
There are two scenarios,
First one is that you don't have a backup UCS from the defective device and don't have the master key of it and in this scenario you have to do the below:
- power on the new RMA device, License it and configure initial configuration like MGMT IP, VLANs , Self IPs , NTP , DNS and HA configurations like the defective device was configured to make it as an HA peer to the active device.
- Then you can sync the configurations from the active device.
Second one is that you have a backup UCS from the defective device and also the master key and in this scenario you have to do the below:
- power on the new RMA device, License it and rekey RMA unit with the master ke and then restore UCS backup using no-license option.
- then sync the configurations.
_ for test, failover between the active device and RMA Device to be sure that traffic is working on the new RMA device.
_ in all scenarios, make sure that the new device is to be offline till you will be ready to make it as online to test traffic on.
+ to get Master key >>>>> use this command : f5mku -K
+ to rekey the new device >>> f5mku -r <key_value>
this is described in this link : https://support.f5.com/csp/article/K9420
I hope it is clear for you.