Unofficial - F5 Certification Exam Prep Material > Symposium 2025 - BIG-IP Administrator: Source | Edit on
Lab 9: BIG-IP LTM Management Interface¶
This lab is designed to teach students about the BIG-IP LTM (Local Traffic Manager) Management interface and its various configurations and access control settings. Students will gain hands-on experience to better understand management IP functionalities, connectivity, and the security settings associated with it. The lab consists of step-by-step instructions, covering each of your objectives.
Lab instructions¶
This lab will use BIG-IP 01 and the Jumpbox. Students will execute TMSH commands in the Web Shell of BIG-IP 01. Afterwards, the students will test access on the Jumpbox.
Note
There are three methods add, delete, and replace-all-with for managing SSHD and HTTPD.
Objective 1: Identify the Configured Management-IP Address¶
Objective 2: SSHD ACLs (Access Control Lists)¶
Objective 3: HTTPD ACLs¶
Objective 4: Explain Management IP Connectivity Issue¶
Unreachability Scenarios:
- Discuss common reasons for Management IP connectivity issues:
- Firewall blocking access to Management-IP.
- Wrong subnet mask or gateway configuration on the BIG-IP.
- Device is on a different VLAN or broadcast domain.
- SSH/HTTP services are disabled or access control limits are in place.
- Discuss common reasons for Management IP connectivity issues:
Troubleshoot Connectivity Issues:
Ping Test: Verify if the Management IP is reachable using:
Use the tcpdump utility on BIG-IP to monitor incoming connection requests on the management interface:
Lab Conclusion¶
By the end of this lab, students should:
- Understand and modify the Management IP address settings.
- Demonstrate remote connectivity to the BIG-IP system.
- Be able to troubleshoot Management IP connectivity issues.
- Configure SSH and HTTP/HTTPS access lists (ACLs) for the Management interface.
- Differentiate between improper and secure configurations for Management access.
Cleanup Tasks¶
Revert any changes you made to the ACLs during the lab:
Validate that the Management IP is accessible as per the lab’s original configuration.