Device group configuration

Basavaraj,

Since TMOS v11.3 Device Groups can have BIG-IPs of different platforms. So if you're at a latest version then you should be able to add them into the existing sync group and configsync the changes across.

Good luck.

N

Hi Nathan,

Thank you so much for the response, we are running version 11.6 and hot fix 8, i guess we will not be having any issues in the adding new F5s into existing device group.

I have one more doubt, say for example in old F5 there are some persistence profiles are configured and they are secured with encrypted password which users dont remember.

so if add my new F5s into the existing device group and sync, will it create any problem because of these encrypted cookie passwords?

i would like to understand how these cookies persistence profiles with encrypted password works ?

can i also delete this encrypted cookie and re-create again ?

Thanks/Basavaraj

Although in this case, you cannot load a UCS from one device to another without intervention, the admin can now change the master key and then successfully load the configuration onto a different device.

1. Before taking the UCS to a different system, set the master key from a passphrase using the following command: tmsh modify sys crypto master-key prompt-for-password.
2. On the system where the UCS will be restored, load the UCS. (Here, it fails to load due to encrypted attributes which cannot be decrypted.)
3. On the new system with the failed UCS load, set the master key using the previously specified passphrase, by running the command: tmsh modify sys crypto master-key prompt-for-password.
4. Load the configuration with the command: tmsh load sys config. The configuration loads and the encrypted attributes are accessible.