Friday 19 June 2015

Resetting an F5 Networks Big-IP System's Root Password from the Console

I was recently asked to configure a pair of F5 Big-IP's for a customer, the Big-IP system is something I have only limited exposure to but as I know Citrix NetScaler (which is also an ADC) I thought the concepts would be pretty similar, which they are!

I did a configuration using the Big-IP virtual appliance in ESXi so that I could test the functionality using emulated networks etc. So the plan was to export the config and then replace the config on the new box, thus saving time going through all the steps again. I made a stupid mistake in that I tried to restore the config (which had services such as SNAT enabled) to a device with nothing other than the base license. So in short when the device rebooted it hung at this stage.

I opened a console session which is where I realized my problem.

My next plan was to factory restore the device and start again. After I pasted on the config something weird happened with the logins, both the administrators and the root passwords would not work, either from the new config or the old one.

Quick job turns into an episode, so I had to reset the root password to factory reset the device. To do this open a console session (I had to set my BAUD rate to 19200 for it to work) and then hard reset the device. Break the boot sequence and highlight your operating system image and press E.

Resetting an F5 Networks Big-IP System's Root Password from the Console

From the sub menu highlight the line that start kernel /boot/l/vmlinuz and press E again.

Type the word single onto the end of the string on the page, and hit enter, this will take you back to the main page.

Press Esc to get back to the main boot screen and hit enter while you are on the operating system image, this will boot the F5 into single user mode in which you can reset the password.

You will be prompted from logname: no login name.

Type passwd to launch the password reset script, set the password and then type reboot to cycle the device. When it comes back up you should be able to get in with your root account and the new password.