TMS 14.4 and F5 BIG-IP config: username and password
We've got 2 TMS servers running 14.3.2 software behind BIG-IP load balancer. We're going to upgrade to 14.4 but Cisco has changed the redundancy model from active/active to active/passive. Some changes are required on the load balancer and this is clear so far.
However, Cisco mentioned username and password in the example BIG-IP config and I was told that no username is currently configured on the load balancer. The install guide says:
"After initial configuration of your F5 BIG-IP load balancer, you can configure it with the settings below using copy and paste. All IP addresses, DNS names, usernames, and passwords must be amended to reflect your actual configuration prior to applying the settings to your load balancer"
"HEAD /tms/public/IsAlive.aspx/?guid=<CHANGE TO THE GUID OF YOUR CISCO TMS>\\r\\n" time-until-up 0 timeout 16 username 'domain\\username'}
Do we need to add a Windows Server admin account details?
This may be silly question but I don't know load balancers.
That example is pretty vague for sure, as it doesn't mention anything of that in the earlier steps in the redundancy instructions. I believe the username and password is for an account that the load balancer would use to probe the TMS keep alive address. If that is the case, depends on how you'd like to manage the account, two separate local accounts on both servers, or one central shared account through Active Directory. I haven't upgraded our TMS servers yet, so I can't verify if an account is needed to check the keep alive address or not, we also don't have F5 load balancers either, so I'm kind of guessing, and like you trying to make sense of a not so very good example.
Maybe Kjetil or one of the TMS guys can chime in and shed some light on that example for you.
It has been a while since I set up an F5 with redundant TMS Servers, so I can't remember how I configured the load balancer. I don't have administrative access to my F5 from where I am right now, so I can't look it up either.
One thing is sure though: No authentication is needed for accessing /tms/public/IsAlive.aspx. (anything under /public/ does does not require authentication, that's why it is named as it is! :-)
I just checed the the IIS logs of my redundant 14.4 setup, and my F5 is not trying to authenticate when it is probing.
I agree that the documentation is a bit confusing, I'll see what I can do to clarify it.
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: email@example.com Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...