Implementing BIG-IP DNS Sync Group Using CA-Signed Certificate

GSLB Configuration (Figure 2)

• DNS205: Add GSLB Object
• DNS205: Create GSLB Sync Group
• DNS207: gtm_add script

Issue with using “gtm_add script” (Figure 3)

• The gtm_add script will be failed, because GTM207 is failed to establish iQuery connection to GTM205
  • iQuery connection to 100.0.0.21 failed.
• We need to import manually the Root CA certificate and Sub CA certificate (if there is)
  • GTM205
    • System ›› … Device Trust Certificates: TrustMe Intermediate CA L1M, TrustMe Root CA
  •  GTM207
    • System ›› … Device Trust Certificates: TrustMe Intermediate CA L1M, TrustMe Root CA
    • DNS ›› … Trusted Server Certificates: TrustMe Intermediate CA L1M, TrustMe Root CA

Certificates Exchanged & End Result (Figure 4)