Manual Chapter : Common elements for device trust

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 15.0.0, 14.1.0
Manual Chapter

Common elements for device trust

  1. On the Main tab, click
    Device Management
    Device Trust
    Local Domain
    .
  2. On the Main tab, click
    Device Management
    Device Trust
    Device Trust Members
    .
  3. In the Trust Information area of the screen, click
    Reset Device Trust
    .
  4. Choose a certificate signing authority option, and then click
    Update
    .
    The system prompts you to confirm your choice.
  5. In the Peer Authority Devices area of the screen, click
    Add
    .
  6. In the Subordinate Non-Authority Devices area of the screen, click
    Add
    .
  7. Click
    Add
    .
  8. Click
    Add
    .
  9. Type a device IP address, administrator user name, and administrator password for the remote BIG-IP device with which you want to establish trust. The IP address you specify depends on the type of BIG-IP device:
    • If the BIG-IP device is an appliance, type a management IP address (IPv4 or IPv6) for the device.
    • If the BIG-IP device is a VIPRION device that is not licensed and provisioned for vCMP, type a primary cluster management IP address (IPv4 or IPv6) for the cluster.
    • If the BIG-IP device is a VIPRION device that is licensed and provisioned for vCMP, then type a cluster management IP address (IPv4 or IPv6) for the guest.
    • If the BIG-IP device is an Amazon Web Services EC2 device, type one of the Private IP addresses created for this EC2 instance.
  10. Type the management IP address, administrator user name, and administrator password for the remote BIG-IP DNS device.
  11. Click
    Next
    .
  12. Verify that the certificate of the remote device is correct, and then click
    Device Certificate Matches
    .
  13. Verify that the displayed information is correct.
  14. Verify that the name of the remote device is correct.
  15. In the
    Name
    field, verify that the name of the remote device is correct.
  16. Click
    Update
    .
  17. Click
    Add Device
    .
  18. Click
    Finished
    .
  19. Click
    Retrieve Device Information
    .
  20. From the
    Device Type
    list, select
    Peer
    or
    Subordinate
    .
The two BIG-IP devices have exchanged device certificates and are now authoritative peer devices.