Launch and initial configuration
The instructions are slightly incorrect. You’ll want to SSH in as ‘admin’ (not root or ec2-user):
$ ssh -i mykey.pem admin@10.10.10.111
Then use these TMOS commands to set and save a password for the admin user:
(tmos)# modify auth user admin prompt-for-password
(tmos)# save sys config
Log in to the GUI as admin with the new password to do licensing and initial configuration.
Interfaces, Self IPs, and VLANs
While F5 guides list a variety of interface configurations, my advice is to use three:
- eth0: mgmt – Used for SSH, HTTPS, and SNMP polling access
- eth1: interface 1.1: vlan “external” in a public subnet – For talking to Internet
- eth2: interface 1.2: vlan “internal” in a private subnet – For talking to internal resources and HA
Routing
The default route should of course be via the external interface’s gateway. Any private IP address spaces (10.0.0.0/8, etc.) can be routed via the internal interface’s gateway.
If doing an HA pair across multiple availability zones, items with unique IP addresses such as routes, virtual servers, and perhaps pools/nodes will need to go in a separate non-synchronized partition.
- Go to System -> Users -> Partition list
- Create a new partition with a good name (e.g. “LOCAL_ONLY”)
- Uncheck the Device Group and set the Traffic Group to “traffic-group-local-only”
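The same partition, plus the routes from the Routing section placed inside it, entered at the (tmos)# prompt. This is an added example, not taken from the original post or from F5's guides. The route names and the gateway addresses 10.0.1.1 (external subnet) and 10.0.2.1 (internal subnet) are constructed placeholders; substitute the gateways of your own subnets.

```tmsh
# Create the partition that will hold objects unique to this device.
create auth partition LOCAL_ONLY

# Equivalent of unchecking Device Group and choosing the local-only
# traffic group in the GUI: nothing in this folder is synchronized
# to the HA peer or floated on failover.
modify sys folder /LOCAL_ONLY device-group none traffic-group traffic-group-local-only

# Default route via the external interface's gateway.
# 10.0.1.1 is a constructed placeholder.
create net route /LOCAL_ONLY/default network default gw 10.0.1.1

# Private address space via the internal interface's gateway.
# 10.0.2.1 and the route name are constructed placeholders.
create net route /LOCAL_ONLY/private_10 network 10.0.0.0/8 gw 10.0.2.1

# Confirm the folder is detached from the sync group, then review the routes.
list sys folder /LOCAL_ONLY
list net route /LOCAL_ONLY/*

# Save the configuration for every partition, not only Common.
save sys config partitions all
```

Run these on each member of the pair with that device's own gateways, since nothing in this partition is copied to the peer.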