F5 Base System Template

Download Template
F5 BIGIP 11.6.0 HF4 tested.

cstubbs
March 16, 2015

































sys management-ip %{MANAGEMENT_IP}%/%{MANAGEMENT_IP_BITS}% { }
sys management-route default {
    gateway %{MANAGEMENT_DEFAULT_GATEWAY}%
    network default
}
net vlan VLAN-External-1 {
    description "External Network 1"
    interfaces {
        1.1 {
            tagged
        }
    }
    tag %{EXTERNAL_VLAN_TAG}%
}
net vlan VLAN-Internal-1 {
    interfaces {
        1.2 {
            tagged
        }
    }
    tag %{INTERNAL_VLAN_TAG}%
}
net vlan VLAN-Failover-1 {
    interfaces {
        1.3 {
            tagged
        }
    }
    tag %{FAILOVER_VLAN_TAG}%
}
net self SELF-IPv4-External-1 {
    address %{EXTERNAL_LAN_IPv4}%/%{EXTERNAL_LAN_IPv4_BITS}%
    traffic-group traffic-group-local-only
    vlan VLAN-External-1
}
net self SELF-IPv6-External-1 {
    address %{EXTERNAL_LAN_IPv6}%/%{EXTERNAL_LAN_IPv6_BITS}%
    traffic-group traffic-group-local-only
    vlan VLAN-External-1
}
net self SELF-IPv4-Internal-1 {
    address %{INTERNAL_LAN_IPv4}%/%{INTERNAL_LAN_IPv4_BITS}%
    traffic-group traffic-group-local-only
    vlan VLAN-Internal-1
}
net self SELF-IPv6-Internal-1 {
    address %{INTERNAL_LAN_IPv6}%/%{INTERNAL_LAN_IPv6_BITS}%
    traffic-group traffic-group-local-only
    vlan VLAN-Internal-1
}
net self SELF-IPv4-Failover-1 {
    address %{FAILOVER_LAN_IPv4}%/%{FAILOVER_LAN_IPv4_BITS}%
    allow-service {
        default
    }
    traffic-group traffic-group-local-only
    vlan VLAN-Failover-1
}
net route ROUTE-IPv4-Default-1 {
    gw %{DEFAULT_GATEWAY_IPv4}%
    network default
}
net route ROUTE-IPv6-Default-1 {
    gw %{DEFAULT_GATEWAY_IPv6}%
    network default-inet6
}
ltm node NODE-IPv4-Log-Server-1 {
    address %{LOG_SERVER_IPv4}%
}
ltm pool POOL-IPv4-Log-1 {
    members {
        NODE-IPv4-Log-Server-1 {
            address %{LOG_SERVER_IPv4}%
        }
    }
    monitor gateway_icmp
}
sys log-config destination remote-high-speed-log LOG-HSL-UDP-1 {
    pool-name POOL-IPv4-Log-1
    protocol udp
}
sys log-config destination remote-syslog LOG-Syslog-UDP-1 {
    format rfc5424
    remote-high-speed-log LOG-HSL-UDP-1
}
sys log-config publisher LOG-PUBLISH-HSL-1 {
    destinations {
        LOG-HSL-UDP-1 { }
    }
}
sys log-config publisher LOG-PUBLISH-Syslog-1 {
    destinations {
        LOG-Syslog-UDP-1 { }
    }
}
sys sshd {
    allow { 10.0.0.0/8 }
}
sys software update {
    auto-check enabled
    frequency weekly
}
sys snmp {
    agent-addresses { tcp6:161 udp6:161 }
    allowed-addresses { 127. 10. }
    communities {
        snmp_community_1 {
            community-name %{SNMPv2c_COMMUNITY}%
        }
    }
    sys-contact "%{SNMP_SYS_CONTACT}%"
    sys-location %{SNMP_SYS_LOCATION}%
    traps {
        trap_destination_1 {
            community %{SNMPv2c_TRAP_COMMUNITY}%
            host %{SNMPv2c_TRAP_DESTINATION}%
        }
    }
}
sys smtp-server SMTP-Relay-1 {
    from-address %{SMTP_FROM}%
    local-host-name %{SMTP_HOSTNAME}%
    smtp-server-host-name %{SMTP_RELAY}%
}
sys outbound-smtp {
    mailhub %{SMTP_RELAY}%
}
sys ntp {
    servers { %{NTP_SERVER_1}% }
    timezone %{TIMEZONE}%
}
sys dns {
    name-servers { %{DNS_SERVER_1}% %{DNS_SERVER_2}% %{DNS_SERVER_3}% }
    search { localhost %{DOMAIN_NAME}% }
}

You must be logged in to comment.