Applies To:
Show VersionsWANJet
- 4.2.10, 4.2.3, 4.2.2, 4.2.1, 4.2.0
4
Initial Configuration
Logging on to the WANJet Web UI
After you complete the initial hardware configuration, using the LCD panel, a computer connected to the WANJet appliance's serial port, or a secure shell (SSH), you can set up the WANJet appliance using a browser-based interface, called the Web UI. By default, you can access the Web UI from any computer that is connected to the network, and can run a web browser.
This chapter describes how to log on to the WANJet Web UI and perform the basic configuration required for the WANJet appliance to start processing traffic. This basic configuration is also covered on the Quick Start Card that ships in the box with the WANJet appliance. If you have already performed the basic configuration steps on the Quick Start Card, you do not need to repeat them.
After you finish installing and configuring the WANJet appliance, you use the Web UI to administer the appliance and perform additional configuration. You need to log on to the Web UI of each WANJet appliance using the admin account to fully configure it.
Another account called roadmin is available to log on to the Web UI with read-only access to the configuration settings. You log on the same as you do for the admin account using roadmin as the user name and default password.
If your web browser cannot access the Web UI, it may be because Web UI access is restricted to specific IP addresses. You can grant access through the console by specifying the IP address of the machine on which your browser runs. Once you have access, you can use the Web UI to change the list of addresses. See Granting Web UI access , located in Chapter 5..
To log on to the Web UI
- In a web browser, access the Web UI using HTTPS and port 10000 in this format:
- Type the user name and password.
The default user name is admin and the default password is admin (unless it was changed by a local administrator). - Click the Log On button.
The WANJet appliance Web UI opens.
For example, if the IP address of the appliance is 192.168.168.102, type https://192.168.168.102:10000 in the web browser. (If you set up the Management port, use the Management IP address instead of the IP address of the WANJet appliance.)
The Welcome screen opens where you can log on.
To log on to the Web UI as a read-only administrator
- In a web browser, access the Web UI using HTTPS and port 10000 in this format:
- Type the user name and password.
The default user name is roadmin and the default password is roadmin (unless it was changed by a local administrator). - Click the Log On button.
The WANJet appliance Web UI opens.
For example, if the IP address of the appliance is 192.168.168.102, type https://192.168.168.102:10000 in the web browser.
The Welcome screen opens where you can log on.
Using the Web UI
When you log on to the Web UI of a WANJet appliance, that appliance is considered to be the local WANJet appliance. All other WANJet appliances are remote WANJets appliances in relation to the one you are working on.
When you are logged on to the WANJet appliance, it remains available as long as you are using the Web UI. The WANJet appliance automatically logs you off after 30 minutes of inactivity.
The first screen that you see when you log on to the Web UI is the WANJet Status screen, which displays in the main browser frame. This screen displays a brief summary of the status, IP address, alias, and software version of each remote WANJet appliance. Figure 4.1 shows the parts of the Web UI.
For instructions on obtaining additional remote status information, refer to Status report , located in Chapter 8.
Dashboard
The Web UI, below the F5 logo, displays a variety of status indicators and shortcuts. This area, called the dashboard, is always visible, regardless of where you are in the Web UI.
The dashboard displays the following information:
- WANJet appliance name and IP address
The alias (name) and the IP address of the local WANJet appliance. - WANJet links
The number of links to remote WANJet appliances, and a light showing the status of remote WANJet appliances: - A green light indicates that all links are active.
- A red light displays if no links are active.
- A yellow light displays if only some links are active.
- Current time and time active
The current time on the local WANJet appliance and how long (in days, hours, and minutes) it has been active. - Optimized sessions
The number of WAN sessions that the WANJet appliance is currently optimizing (this number includes all established sessions plus connections that are in the process of being optimized). This links to the Optimized Sessions report (this number lists only established sessions). For more information, see Optimized Sessions diagnostics , located in Chapter 8. - Passthrough sessions
The number of WAN sessions that are passing through the WANJet appliance, without optimization. This links to the Passthrough Sessions. For more information, see Passthrough Sessions diagnostics , located in Chapter 8.
For more information about each link, click the word Active on the screen to display the Remote Status report. For more information, see Status report , located in Chapter 8.
Navigation pane
The navigation pane is the area on the left of the screen, below the dashboard. It includes five sections that you can expand:
- Reports
Provides links for you to view reports and diagnostic logs depicting WANJet appliance performance. - Optimization
Provides screens to set up the operational mode, optimization policies, application QoS, IT service policies, and WANJet appliance tuning. - Configuration
Provides screens to allow you to configure local and remote WANJet appliances, interfaces, third party monitoring through SMTP, email alerts, and time. - Security
Provides screens for changing the administrator passwords, setting up remote authentication, adding a PIN code for accessing the LCD (WANJet 400 and 500 only), and restricting access to the WANJet appliance based on IP addresses. - System
Provides screens for you to view licensing information, backup and restore configuration settings, initiate an upgrade or boot from a different software image, or shut down the WANjet appliance.
To view other Web UI screens, expand a section in the navigation pane, on the left side of the screen, and click an option. Information displays in the main area of the screen. For example, if a step says to go to the Optimization Policy screen, expand Optimization and click Optimization Policy. The WANJet Optimization Policy screen replaces the WANJet Status screen in the main browser frame.
Main screen
The main screen is the area of the Web UI that contains reports showing information about WANJet appliance operations, or fields where you can configure how the WANJet appliance works.
Web UI links
The following links always appear at the top right of the Web UI:
Logging off the Web UI
To maintain the security of the WANJet appliance, you should log off when you are done using it. Figure 4.2 shows the location of the Logout button. The WANJet appliance automatically logs you off after 30 minutes of inactivity for added security.
To log off the Web UI
Activating the license
You must activate the license associated with your WANJet appliance after setting the addresses. The WANJet appliance cannot optimize traffic until the license is activated. If you followed the instructions in the Quick Start Card, you may have already activated the license. (If the license is already activated, the WANJet Status screen displays License: OK.)
You can activate the license automatically or by using the manual procedure. You only need to activate the license once. When you update the WANJet appliance in the future, the license information is retained.
The license purchased for the WANJet appliance is associated with the bandwidth of the WAN link. To increase the bandwidth of that link, you need to contact F5 to obtain a new license, then activate it.
Automatic activation is the easiest method (and is the default method) because the WANJet appliance directly contacts the F5 licensing server and handles the activation. However, in certain cases, you may need to manually activate the license. For example, follow the manual procedure if the WANJet appliance does not have a direct connection to the Internet, or if it resides behind a firewall that does not allow for a direct Internet connection. You can try the automatic method first, and if you receive a message concerning a connection failure, then try the manual method.
To manually activate the license, you need an administrative workstation with a connection to the WANJet appliance and the Internet.
To activate the license automatically
- Log on to the WANJet appliance. (For details, see Logging on to the WANJet Web UI .)
The WANJet Status screen opens. - On the WANJet Status screen, next to License, click the Not entered link.
The WANJet License Details screen opens. - For Base Registration Key, you should see your registration key (filled in at the factory).
- Click Next.
The EULA (End User License Agreement) screen opens. - Read the EULA, and then click Accept if you agree to the conditions.
The WANJet appliance automatically activates the license. When license activation is complete, the WANJet License Details screen opens and shows the current license date.
If automatic license activation does not work, you can use manual activation instead, described in the next section.
To activate the license manually
- Log on to the WANJet appliance. (For details, see Logging on to the WANJet Web UI .)
The WANJet Status screen opens. - On the WANJet Status screen, next to License, click the Not entered link.
The WANJet License Details screen opens. - For Base Registration Key, you should see your registration key (filled in at the factory).
- Next to Activation Method, click Manual.
- Click Next.
The Manual Activation screen opens. - Select and copy the entire contents of the Dossier box (Ctrl + A, Ctrl + C).
- Click the Click here to access F5 Licensing Server link, located below the dossier.
In a separate browser, the Activate F5 License screen opens. - On the Activate F5 License screen, paste the dossier that you copied and click Next.
The Activate F5 Product displays, still in a separate browser. - Read the license, then select I have read and agree to the terms of this license and click Next.
The license information is displayed on the Activate F5 Product screen. - Select the entire license (Ctrl + A, Ctrl + C), and paste it into the Manual Activation screen after Step 3: License.
- Click Next.
The WANJet License Details screen displays with the current license date. - In the navigation pane, expand Reports and click Status.
The license should now display as OK.
Basic WANJet appliance configuration
You must set up WANJet appliances in pairs, with one appliance on each side of the WAN link. You can perform the configuration steps for both appliances either on each physical appliance, or from a single computer by logging on to the Web UI remotely.
Figure 4.3 shows two WANJet appliances that are deployed in a point-to-point configuration.
The WANJet appliances in this example are connected as follows:
For this example, basic WANJet appliance configuration includes the following steps:
- Naming the first WANJet appliance
- Configuring multiple subnets (if required)
- Defining the second WANJet appliance as a remote WANJet appliance on the first WANJet appliance
- Naming the second WANJet appliance
- Defining the first WANJet appliance as a remote WANJet appliance on the second WANJet appliance
Naming the first WANJet appliance
You configure WANJet appliances in pairs to optimize the traffic that flows between them. A pair of WANJet appliances consists of a local WANJet appliance and a remote WANJet appliance, one on either side of a WAN link. A typical configuration might include one WANJet appliance in a data center where company servers reside, and a second WANJet appliance on the other side of the WAN in an office where employees work.
You can start by naming the first WANJet appliance in the pair.
To name the first WANJet appliance
- Into a browser, type the address and port for the first WANJet appliance. For this example, you type the following URL in the browser for WANJet1:
- Log on to the Web UI.
The user name is admin. The default password is admin. - In the navigation pane, expand Configuration and click Local WANJet.
The Local WANJet screen opens. - In the WANJet Alias box, type a name for the WANJet appliance. For example:
- Click the Save button.
Configuring multiple subnets
If your local area network has multiple subnets connected through a router, you need to configure the local router IP address and add the local subnets that you want to optimize to the WANJet appliance. You can add specific subnets, or you can optimize all local subnets.
Once the WAN link between the WANJet appliance pair is up, subnet specifications are automatically exchanged between the appliances. So, for example, the local subnets specified on WANJet1 appear as remote subnets on WANJet2, and local subnets on WANJet 2 appear as remote subnets on WANJet 1.
Before performing the following steps, verify that you require additional subnets, and decide whether you want to optimize all of them or selected subnets.
To configure multiple subnets
- In the navigation pane, expand Configuration and click Local WANJet.
The Local WANJet screen opens. - In the LAN Router box, type the router's IP address.
This address is the next-hop router in your LAN. - Click the Save button.
- In the navigation pane, expand Optimization and click Optimization Policy.
The Optimization Policy screen opens. - Check the Include WANJet Subnet box, if it is not already checked (by default, it is checked).
- Specify how you want to optimize subnets.
- Click the Add button beneath Local Subnet.
The Add Local Subnet screen opens in a separate browser window. - In the Local Subnet box, type the IP address for the subnet.
You can use the shorthand address format of, xxx.xxx.xxx.xxx/nn, to provide both the subnet address and the subnet mask. For example: - In the Netmask box, type the subnet mask. For example:
- In the Alias box, type a string to serve as a name for the subnet.
For example: - For Operational Status, click the Enabled button.
- Click the OK button.
The Optimization Policy screen displays with the new subnet in the list of local subnets. - Click the Save button.
- Repeat steps 7 through 13 to add as many subnets as required.
Where /24 means that the first 24 bits of the address must match the local subnet address and the address of any host in the subnet is defined by the last 8 bits of the address. For example, 175.16.2.6 is a valid address for the subnet defined in this configuration example.
Defining the second WANJet appliance as a remote WANJet appliance
After you finish adding subnets to the first WANJet appliance, define the second appliance as a remote WANJet appliance of the first one.
To define the second WANJet appliance as a remote WANJet appliance
- In the navigation pane, expand Configuration and click Remote WANJets.
The Remote WANJets screen opens. - Click the Add button.
The Manage Remote WANJet screen displays in a new browser window. - Leave the WANJet Type set to Single.
- In the WANJet IP box, type the IP address for the remote WANJet appliance. For example:
- In the WANJet Alias box, type a name for the remote WANJet appliance. For example:
- Leave the WANJet Port setting.
- In the Shared Key box, type the shared key that was assigned by the network administrator. The only requirement for the key is that it matches the key added for its partner on the corresponding system pair. For this example, you must use the same key when adding WANJet1 as a remote WANJet appliance to WANJet2.
- Leave the Local GRE IP and Remote GRE IP addresses blank unless you are using GRE tunneling between two routers with a one-arm WANJet appliance configuration.
- Click the OK button.
The browser window closes. - On the Remote WANJet screen, click the Save button.
The new remote WANJet appliance appears in the Remote WANJet appliance list.
Naming the second WANJet appliance
After you finish configuring the first WANJet appliance, you can configure the second WANJet appliance in the pair. The second WANJet appliance must already be installed as described in the Quick Start Card included in the shipping box.
To name the second WANJet appliance
- Into a browser, type the address and port for the second WANJet appliance. For example, you could type the following URL in the browser for WANJet2:
- Log on to the Web UI.
The user name is admin. The default password is admin. - In the navigation pane, expand Configuration and click Local WANJet.
The Local WANJet screen opens. - In the WANJet Alias box, you may type a name for the WANJet appliance. For example:
- Click the Save button.
Configuring multiple subnets on the second WANJet appliance
If you have defined a LAN router and added subnets for WANJet1, you must do the same for WANJet2, unless WANJet2 is on a simpler LAN. Refer to steps 1-11 in Configuring multiple subnets , for instructions.
Defining the first WANJet appliance as a remote WANJet appliance
After you have named the second WANJet appliance, define the first appliance as a remote WANJet appliance on the second WANJet appliance.
To define the first WANJet appliance as a remote WANJet appliance
- In the navigation pane, expand Configuration and click Remote WANJet.
The Remote WANJets screen opens. - On the Remote WANJets screen, click Add.
The Manage Remote WANJet screen displays in a new browser window. - In the WANJet IP box, type the IP address for the remote WANJet appliance. For example:
- In the WANJet Alias box, type a name for the remote WANJet appliance. For example:
- In the Shared Key box, type the shared key.
This key is assigned by the network administrator. The only requirement for the key is that it matches the key added for its partner on the corresponding system pair. For this example, you must use the same key when adding WANJet2 as a remote WANJet appliance to WANJet1. - Leave the settings as they are for WANJet Type and WANJet Port.
- Leave the Local GRE IP and Remote GRE IP addresses blank unless you are using GRE tunneling between two routers with a one-arm WANJet appliance configuration.
- Click the Logoff button.
- Close the browser window.
Testing connectivity
When the WAN link is established between the WANJet pair, the two WANJet appliances automatically exchange subnet specifications. For example, the local subnets that you specify for WANJet A become remote subnets for WANJet A in WANJet B's Remote WANJet appliance configuration information.
You can test the connectivity between the local and remote WANJet appliances by viewing the following details on each:
For additional information about WANJet appliance reports, such as those described in the following procedures, see Chapter 8, Monitoring Performance .
To view the status of the remote WANJet appliance
In the navigation pane, expand Reports and click Status.
A green light displays next to the IP address for remote WANJet appliances that are enabled and connected.
To view traffic passing through the network
To view diagnostics
Additional configuration tasks
The initial configuration steps described in this chapter are only the minimal steps you need to take to establish a WAN link between two WANJet appliances and start optimizing traffic between the two.
When you have completed the initial configuration steps, we recommend (but do not require) that you perform additional administrative tasks, such as the following:
You can also fine-tune the optimization policies for the WANJet appliances. Refer to Creating optimization policies , located in Chapter 6.
Troubleshooting
One of the first steps we recommend for troubleshooting the WANJet appliance is to create a system snapshot immediately. It provides detailed information about the WANJet appliance, including:
Refer to System Snapshots , located in Chapter 8, for information on taking a system snapshot. You can provide the system snapshot to the F5 Networks Technical Support team to help resolve technical issues.
Some common problems are listed in Table 4.1 . If you are experiencing an issue that is not included in the following table, contact http://www.f5.com/customer_support/ for assistance.
Issue
|
Suggested actions
|
---|---|
I cannot ping the WANJet appliance.
|
Verify that the computer from which you are pinging has a valid network connection.
Try pinging other known devices.
Verify that you are using the correct IP address for the appliance, by reading it from the LCD display.
|
I can ping the WANJet appliance, but I cannot ping the WAN gateway.
|
Verify that the cabling is connected properly, as described in the Quick Start Card.
Make sure that you connected the gateway router to the WANJet appliance's WAN port, using the supplied crossover cable.
|
I cannot see that the WANJet appliance is optimizing traffic, or the optimization is extremely low.
|
Review your configuration of local and remote subnets at both appliances. You might have heavy traffic on a subnet that is not included in the WANJet appliance's configuration. You must include all subnets for which traffic should be optimized.
|
My browser connection times out when I attempt to access the Web UI.
|
Check to see that you are accessing the correct URL for the Web UI. If you enter just http:// followed by the WANJet appliance's IP address, it will not work. You must connect to port 10000 using the secure HTTPS protocol. For example: https://123.123.123.123:10000/
|
When I attempt to access the Web UI, I get a Page Not Found error.
|
If you are certain that you entered the URL correctly and the WANJet appliance appears to be running, it may indicate that the computer from which you are running your web browser does not have access to the Web UI. Although the default setting grants access to all machines, that setting can be changed to limit access based on IP address.
Use the LCD to add your computer's IP address to the list for access. After that, use the Web UI to change the access settings. For instructions, see Granting Web UI access , located in Chapter 5.
|
I can access the Login screen for the Web UI, but my browser connection times out when I try to log on.
|
This issue can occur when the WANJet appliance is not able to access the RADIUS authentication server or when the Timeout and NRetry variables are set too high. See To configure the WANJet appliance for remote RADIUS authentication , located in Chapter 5.
Log on as a local user, using the admin user name and a default password of admin (note that the local administrator may have changed the default password). After you are logged in, in the navigation pane, expand Security and click Remote Authentication, and verify that RADIUS authentication is enabled.
Review the Timeout and NRetry values. F5 Networks recommends a value of 3 for each of these settings. If these settings are too high, authentication might take a long time to fail, causing the connection to time out. For information, see Configuring remote authentication , located in Chapter 5.
|
The Link LED (for the WAN or LAN port) does not light up.
|
Verify that the cables are installed properly on the WANJet appliance.
Check to see if the ports on the WAN router and the LAN switch connected to the WANJet appliance are set to autonegotiate. If either port is forced to a specific link speed and duplex value, you must set the WANJet port to match this value. For information about resetting the NIC configuration (link speed and duplex value) for a WANJet port, see Changing the interface speed , located in Chapter 6.
F5 Networks strongly recommends that if you force the link for one of the WANJet ports, you force the link for both ports. This prevents link problems in pass-through mode if power to the WANJet device is lost.
|