Forum Discussion
jeromef_184180
Nimbostratus
Hi stephan,
the host (generic host) is reachable form GTM (cli) with ping and curl command (http standard port).. i have configure a generic host with virtual server (Same IP of generic host but with port 80) with check http (fixed on generic host and virtual server) i have add this virtual server on new pool, all element is ko (red) generic host/virtualserver/pool...I don't understand...
Best regards
Feb 17, 2015
Hi Jerome,
how about the state of your GTM server?
In WebUI > Global Traffic > Servers you should also have the GTM configured (as BIG-IP device with "bigip" healthmonidor assigned).
Does it show up there and is it "up"?
Is your GTM added to a "sync" group?
Do you see continuous messages in /var/log/gtm (tail -f /var/log/gtm) regarding failing connections?
Daemons inside GTM and between GTM controllers (in same sync group) communicate via F5 iQuery protocol via TCP/4353. iQuery is using the device certificates for authentication.
Did you already run the "bigip_add" and "gtm_script" on the device?
I guess the internal device communication is not set up or broken and that´s why the external server´s availability isn´t reported properly to the gtmd.
Steps to troubleshoot:
1. create new device certificate (using the unit´s hostname as CN and 3650 days)
2. have a internal self IP in allow service "default"
3. optional: run "bigip_add " (should not be necessary)
During all steps run "tail -f /var/log/gtm" in a separate console.
You should see GTM joining sync-group and turning "green".
You should see other servers (i.e. your generic host) turning "green"
Please note, that the PortLockDown settings are opening services on your BIG-IP.
Make sure to block unauthorized traffic to the self IP, please.
Thanks, Stephan