
Explore the details of the F5 101 exam, meet your instructor, compare the five 101 exam blueprint with our course flow, and set expectations while downloading course resources.
Understand the F5 101 exam as the entry point to the F5 Big-ip certification, detailing eligibility, no prerequisites, and coverage of networking, security, load balancing, and health monitors.
Meet an experienced instructor with a decade of teaching Cisco and EF five, delivering F5 Big-IP administration (LTM, GTM, DNS, APM) and fostering Docker, Kubernetes, security, and data center communities.
Discover who should attend and how F5 big-ip enables load balancing, security, and automation as a full application delivery controller, with 101 exam prep, labs, and whiteboard-driven discussions.
Review the F5 101 exam blueprint, outlining four sections, and note that networking topics are moved to the first part, with ADC discussions separated.
Explore the F5 Big-IP course flow, covering layer two to four networking, VLANs and tagging, routing and IP addressing, TCP vs UDP, NAT and DHCP, and ADC concepts.
Explore the F5 Big-IP lab topology and learn how to access the F5 BGP device and the client, with downloadable resources.
Explore the F5 big-ip lab on a mini computer running VMware ESXi, with a training server behind the F5 IP and Windows clients to test applications and load balancing.
Explore a three-network lab topology with internal, external, and managed segments, enabling access to the big-ip device and a Windows client via ssh, https, and remote desktop.
Set up and verify a lab environment for F5 BIG-IP administration, noting a free Udemy lab resource exists and that a hypervisor is required.
Explore the basics of networking from layer one to four of the OSI model, covering VLAN tagging, IP addressing, routing, and NAT, with downloadable resources and a practice exam.
Explore how mac and ip addresses form a two-host network, with a switch learning source macs and mapping to interfaces via com table and arp tables, covering layer one.
Configure trunking to carry multiple VLANs on a single uplink, enabling VLAN ten and VLAN 20, and isolate broadcast domains by port-based VLANs.
Explain 802.1q tagging and untagged interfaces, show spanning tree root bridge and blocking and designated ports to prevent loops, and introduce trunk link aggregation.
Explore minimal networking from the physical layer to layer two, including cables, hubs, switches, MAC addresses, and 802.1Q VLAN tagging. Learn ARP and DHCP concepts and the shift from RARP.
Master ip addressing and subnetting basics, including network vs host id, the slash 24 network, and deriving network and broadcast addresses from 192.168.1.0/24.
Borrow bits from 192.168.1.0/24 to form a /23 with 510 usable hosts. Create a /30 for two hosts (192.168.1.1 and 192.168.1.2) on a class C network, illustrating network versus subnet.
Demonstrates converting prefixes to netmasks for IP addressing and subnetting, with examples like 192.168.1.0/24, 192.168.0.0/23, and 192.168.1.0/30, and configuring 172.16.0.0/16 class B private network.
explains broadcast, multicast, unicast, and anycast with examples across vlans 10 and 11 and networks 192.168.1.0/24 and 192.168.17.0/24, including the global broadcast.
Explore how IP addresses identify hosts and networks, differentiate public and private IPv4 ranges, classful addressing (A/B/C), and the basics of IPv6 formatting and subnetting concepts.
Explore static versus dynamic routing by building a multi-router network, enabling OSPF, advertising 10.0.2.0/24 and 192.168.234.0/24, and achieving convergence through neighbor relationships.
Explore inter-VLAN routing concepts using two networks (192.168.1.0/24 and 192.168.20.0/24) and three deployment options: dedicated router, router-on-a-stick with 802.1q, and layer 3 switch with svi.
Explore the IPv4 header fields, including TTL, protocol, header checksum, and fragmentation flags, and examine ICMP's role in reachability, error reporting, and echo requests and destination unreachable types.
Explore how TTL prevents routing loops at layer three by decrementing per hop, triggering ICMP time exceeded, and compare default TTL values across Windows, Linux, and Cisco devices.
Explore layer three concepts, including IP addressing, routing tables, and best path selection, to understand how routers, layer three switches, firewalls, and hosts forward data.
Plan and implement a two-network F5 big-ip setup by creating internal and external vlans, assigning interfaces, and configuring self IPs and floating IPs to enable cluster failover.
Delete existing self ips and vlans, adjust high availability and synchronization, then create internal and external vlans and self ips, enable floating ips, and verify reachability and routes.
Configure adc networking part 3 by creating internal and external vlans, assigning interfaces 1.2 and 1.1, and setting floating and non-floating self ips. Verify reachability to servers and client pc.
Explore how the transport layer uses TCP and UDP, focusing on TCP's three-way handshake (SYN, SYN-ACK, ACK) and data transfer with PUSH and termination via FIN or RESET.
Explore TCP flow control and window size as the server and client exchange segments and acknowledgements, revealing how the receiver's buffer and zero window conditions regulate data transmission.
Explore transport layer concepts such as end-to-end reliability, segmentation, and windowing; compare TCP and UDP, examine the three-way handshake and flags, and review common port usage for web and email.
Learn how nat enables private networks to access the internet by translating inside local addresses to inside global addresses, via 1-to-1, many-to-one, and many-to-many mappings.
Explain how dhcp automatically assigns ip addresses, using discover, offer, request, and acknowledge, and how relay agents support multiple vlans and common dhcp options.
Explore application delivery controllers and proxy server types, then learn ADC features like load balancing, health monitors, profiles, and high availability through lab demonstrations and downloadable resources.
Explore proxy servers that sit between clients and application servers, covering forwarding http proxies for traffic with authentication, authorization, caching, and filtering, reverse proxies as load balancers, and half proxies.
Full proxy servers maintain two connections and inspect both requests and responses. Decrypt encrypted data, enable load balancing, and apply content filtering, caching, blocking, and monitoring.
Explore the ADC as a data center device that centralizes load balancing, SSL offload, and web application firewall across hundreds of servers for secure, optimized delivery.
Master Big-IP adc overview: ltm load balancing with health monitoring, persistence, and layer seven traffic management; plus ssl offloading, application acceleration, and integrated security features like esm, afm, and waf.
Explore the F5 big-ip ADC overview, including login, system information, partitions, and configuration options for DNS, LTM, SSL orchestrator, local traffic, and high availability.
Learn to configure user accounts and roles, set passwords and access levels, and manage licensing, resource provisioning, and basic network and high-availability settings using the setup wizard.
Explore static and dynamic load balancing types, including round robin, ratio, list connections, observed and predictive methods, and concepts like persistence and layer seven requests.
Master priority group activation to route traffic to the highest value pool members and understand active standby, available members, and fallback http redirect when pools fail.
Configure load balancing in ADC by defining nodes, pool members on port 80, and a pool, then associate a virtual server to the pool and test distribution across three servers.
Configure adc load balancing with ratio member and priority group activation, set available members to two, assign priority values to pool members one and two for even traffic.
Configure load balancing in adc using ratio mode, adjust priority groups for pool members, verify distribution across three pool members, and learn how default node ratios produce round-robin behavior.
Configure health monitors to track pool member health and prevent downtime by marking offline servers. Explore monitor types: address (icmp), service (tcp), and content (http) used in load balancing.
Configure Big-IP health monitors with interval and timeout, apply to pools, and use ICMP, TCP, and HTTP checks; interval is five seconds with timeout as interval times three plus one.
Configure http pool health monitors, monitor statuses on the network map, and use system defined monitors with per member overrides to differentiate available, unknown, and offline states.
Create a custom base http monitor to validate pool member health by matching a receive string or regex, adjust interval and timeout, and verify load balancing across three pool members.
Configure and test health monitors for nodes and pool members in F5 BIG-IP, using default and node-specific monitors, such as icmp, http, and ftp, and validate status.
Explore how ftp command and data channels operate and how a big-ip virtual server uses ftp and http profiles to manage ftp and http traffic with cookie persistence.
Learn how f5 big-ip terminates https with client ssl profiles, offloading ssl processing and decrypting traffic for inspection and load balancing, while backend pool members use http.
Configure profiles to learn and control network and application behavior, covering http, ftp, dns, and layer four tcp/udp, with dependencies and ssl termination for offloaded processing.
Configure an FTP profile and virtual server on the F5 BIG-IP, test login with FileZilla, fix the data channel failure by applying the system FTP profile, then download test.txt.
Configure a https virtual server and pool, add pool members, and test http and https traffic. Enable client and server ssl profiles to terminate ssl at the big ip.
Explore how persistence pins client requests to a pool member using source address persistence and related types, including cookie, destination address affinity, and SSL persistence.
Explore cookie persistence in big-ip with a virtual server, including http cookie insert, rewrite, and passive options. Learn how always send cookie affects persistence, pool member selection, and browser storage.
Configure and verify source address persistence on an F5 BIG-IP server using the default persistence profile and custom based persistence, with round-robin load balancing and CLI/UI persistence checks.
Configure custom source address persistence with source address affinity and a /24 IPv4 prefix, test with two IPs, and verify both map to the same pool member.
Configure cookie persistence for https vts and http vts, ensuring load balancing across pool members while understanding the default big ip cookie name and how to decode it.
Learn how iRules, built on TCL, create custom functionality for virtual servers, enabling custom logging, pool and server selection, http to https redirection, and universal persistence.
Learn to write iRules with operators, inspect tcp payload and http headers, and forward traffic to pools based on source ip and user agent.
Configure iRules and pools in the f5 big-ip gui to route by client ip, creating three port 80 pools and validating round-robin load balancing with persistence disabled.
Configure iRules to route traffic by http request events, using user agent header to steer to specific pools, and associate http profiles to enable browser-based load balancing.
Explore F5 high availability concepts, including active standby and active active device pairs, synchronization of pools and virtual servers, and failover with heartbeat to maintain uptime.
Compare active standby and active active configurations on a Big-IP, using virtual addresses and traffic groups to move services between devices while load balancing pool members.
Reconfigure https, re-associate http pool, enable source address translation with auto map, push configuration to the second big-ip, and await initial sync to establish a sync failover device group.
Create a floating self IP and a second traffic group (tg2), assign the floating IPs and virtual address to tg2, then synchronize devices to enable an active-active pair.
Master maintaining a F5 Big-IP appliance with device and software upgrades, using eHealth, performing traffic flow analysis, and monitoring configuration objects for exam readiness.
Navigate the f5 big-ip cli, using advanced shell and html shell via ssh or console, to manage configuration objects such as pools, virtual servers, monitors, and nodes.
Compare GUI and CLI views of LTM statistics, including pools and members with bits, packets, connections, and requests; explain show detail in CLI and GUI logging.
Access Big IP CLI via management IP using SSH, review self IP port lockdown, and explore Linux bash with TMS and LTM monitoring tools such as big top and tcpdump.
Create and verify a virtual server in the BIG-IP LTM module, using create and list commands, enable tab completion, and save the configuration to persist changes.
Explore how to view and interpret statistics in the virtual server list, including bits, packets, and connections per virtual server, pool member statistics, and cli-based monitoring and bulk configuration.
Upgrade network devices and software to fix viruses, bugs, and enable new security features, following F5 Big-IP upgrade steps—from selecting a version to installing on a new volume and activating.
Upgrade BIG-IP hardware and software to improve compatibility, features, and scalability, and apply best practices such as case opening, notes review, licensing, backup, testing, and staged upgrades.
Upgrade the big-ip software image from 13.1.3 to 14.1.2 by importing, installing on the boot volume, and activating the new image. Verify the upgrade with show version.
Describe how a client's http request uses a virtual server and pool member, with tcp handshake and load balancing, then translates back to the virtual server ip and port.
Explore how SNAT translates client requests via auto map and floating self IPs, with pool members and internal addresses. Examine 1-to-1 NAT, static map, and SNMP traffic graphs.
Demonstrate traffic flow in a f5 big-ip setup by testing http and https virtual servers, observe source address translation behavior, and verify server-side client ip persistence.
Analyze traffic reports across system utilization, throughput, and connections to interpret cpu and memory trends, observed bytes in/out, and ssl activity over multiple days.
Explore BIG-IP object status icons, including available, unknown, enabled but unavailable, offline, disabled, and force offline, and compare disabled with force offline and manual resume implications.
Use netstat with tcp/udp, listen, and no-name flags to view services on the BIG-IP device, including dns, httpd, sshd, ntpd, and i query services for clustering and high availability.
Configure nodes, pools, and virtual servers in the adc, enable http and udp health monitors, and observe status inheritance from pool to virtual server.
Enable connection limits on each SSH pool member to two, switch to round-robin load balancing, and observe status changes from yellow triangle to green available via node health monitors.
Enable all nodes, verify http and ssh pool statuses, then test persistence and force offline versus disable to show how active connections persist while new ones are affected.
Explore iHealth, the BIG-IP diagnostics tool for device status and availability, and learn to generate, view, and upload health views via GUI and eHealth with CSV/PDF reports.
Download a qkview diagnostic file from the Big-IP system, then upload it to the eHealth portal to view the device entry and diagnostic information.
Assess diagnostics with upgrade notes to version 15.1.0.2 and download reports, then review three virtual servers, configuration objects, and graphs of active connections, http requests, memory, and CPU.
Review diagnostics to view vulnerabilities and mitigations for Big-IP and Big-IQ, including secure password enforcement and upgrade guidance from diagnostic information and links.
Explore applications such as HTTP, HTTPS, DNS, and SNMP, and examine network security technologies like virtual private networks using TLS/SSL. Download resources for this section.
Explore the application layer of the tcp/ip model, client–server communication, and key protocols and ports such as dns, dhcp, smtp, pop3, imap, snmp, ftp, ssh, http, and https.
Explain http as a tcp-based protocol on port 80 that delivers dynamic and interactive content, outline the client–server model with urls, DNS translation, and web servers like Apache, IIS, Nginx.
See how a client and web server complete a TCP handshake, issue HTTP requests, and serve HTML via a lamp stack with Linux, Apache, MySQL, PHP, and JavaScript.
Explain how http messages consist of start line, headers, and body for requests and responses, including methods like get and post, status codes, and common headers.
Bypass the F5 big-ip device to test direct HTTP traffic from a Windows client to internal web servers, and dissect HTTP requests and responses using browser developer tools.
Discover how http runs over tcp on port 80 as a connectionless, stateless client–server protocol, with methods, headers, and status codes guiding browser–server interactions.
Explain the differences between http, https, ssl, and tls, how https adds privacy to prevent man-in-the-middle, and how an ssl certificate enables secure client-server communication.
Explain how https uses public and private keys and digital certificates to establish trusted, encrypted communication between client and server, including certificate authority validation and secret-key exchange.
Explain how a certificate authority signs a server's CSR to issue a trusted certificate, enabling browsers to verify identity via trusted CAs and public-key cryptography.
Explore how digital certificates prove public key ownership and establish trust with certificate authorities, enabling TLS/SSL for secure client-server communications and supporting X509 formats like .crt and .p12.
Learn how https protects data by encrypting http traffic with TLS/SSL to prevent man-in-the-middle attacks and eavesdropping.
Explain how a site-to-site ipsec vpn connects two branches over the internet. Define interesting traffic between 192.168.10.0/24 and 192.168.20.0/24 and describe phase 1 and phase 2 with ah and esp.
Explore remote access vpn options for tele workers, including client vpn and ssl vpn, enabling secure access to company resources over the internet.
Explore ipsec vpn as a secure protocol suite for data confidentiality, authentication, and integrity over the internet; compare site-to-site and remote access vpn, including ssl vpn and gre ipsec variants.
Learn how the domain name system maps names to IP addresses, using port 53 over TCP/UDP, via local DNS, root servers, TLDs, and data center name servers, with caching.
Local dns queries reach the root name server to validate domains like .com, then zones and authoritative servers manage domain data, emphasizing redundancy and security to keep services reachable.
Master network time protocol (NTP) for time synchronization across devices using UDP or TCP. Ensure accurate logs, troubleshoot events, and secure digital certificates for F5 Big-IP and other devices.
Configure syslog to forward messages to a central syslog server on UDP port 514, labeling entries with facility codes and severity levels for real-time viewing via console or SSH.
Explore SNMP architecture with agents and a network management system, and learn how traps and get/set requests monitor devices, report outages, and support version 1, 2c, and 3 security models.
Troubleshoot network applications on a 5g device with exam-style questions, receiving detailed explanations and live demonstrations, and download resources to reinforce learning.
Troubleshoot layer 1 connectivity in a high-availability big ip active/standby pair; diagnose miss status on interface 1.3 despite 1.1 up, and resolve by upgrading to 11.4.1 or applying hotfixes.
Identify layer 1 connectivity issues on BIG-IP part 2, analyzing interface 1.2 down while 1.1 stays up, and consider manual shutdown, bad cable, and speed or duplex mismatches.
Troubleshoot latency for http applications by examining a three-server http pool, its virtual server and interface status, noting drops on an active interface point to a layer 1 issue.
Explore layer 1 connectivity issues using a layer two switch scenario, diagnosing collisions caused by duplex misconfigurations and auto negotiation, and contrasting half and full duplex to prevent collisions.
Identify common layer one issues, including cabling faults, bad cables, incorrect cable specifications, incorrect media, and auto detect speed and duplex mismatches that cause interface down and collisions.
Troubleshoot layer 2 connectivity by enabling 802.1q tagging to carry VLANs 10, 20, and 30 between the switch and the big IP device, enabling self IPs to reach their servers.
Debug 802.1Q communication on BIG-IP interface 1.3 by creating VLANs 10, 20, 30 and mapping each to a self IP to resolve server reachability.
Explore how a layer three switch routes between VLAN ten and VLAN twenty, and why missing a default gateway on the server blocks ARP entries until you configure it.
Enable mac masquerading under device management to update mac address tables via gratuitous arp during active-standby failover, ensuring correct forwarding from switches to the virtual address.
Identify common layer 2 misconfigurations, including VLAN mismatches and 802.1Q tagging. Verify ARP resolution, interface status, and proper tagging on switches and Big-IP devices.
Explore layer three connectivity by analyzing two servers with /21 subnets, routing table entries, and subnet calculations to identify the correct route option, with option D being correct.
Diagnose layer 3 connectivity issues in a BIG-IP environment by identifying missing health monitors on the pool and an incorrect route entry for server two, causing intermittent web access.
Trace traffic with tcpdump to uncover a layer 3 connectivity issue: SNAT is not enabled, causing the server to see the floating IP instead of the 10.1.1.0/24 range.
Use netstat to verify port 443 versus port 80 on the server, distinguishing server listening issues from network problems affecting https traffic to the virtual server.
Troubleshoot a big-ip http pool behind the http virtual server by verifying nodes, pool members, and health monitors, then use tcpdump to analyze port 80 traffic.
Enable http caching on the BIG-IP to store images, CSS, and JavaScript in memory, reducing repeated requests and server load. Understand that http compression, by contrast, compresses the response body.
Explore http status codes and their categories, and see a practical 302 redirect from http to https via an idle redirect on a virtual server, verified with developer tools.
Explore practical HTTP troubleshooting using real internet examples, identifying 404 not found, 401 unauthorized, and 502 bad gateway errors, and using browser dev tools to dissect requests and responses.
Troubleshoot F5 Big-IP by verifying logs in /var/log, checking the LTM log file, and using df to identify disk space issues that stop log messages during BGP troubleshooting.
Learn how to generate and download a qq view file from the cli when gui access to the Big-IP is unavailable, and transfer it for support.
Investigate BIG-IP overutilization with a three-server pool and round robin; source address affinity persistence causes traffic to stick to server one when many clients share a single IP.
Show how an http pool, used by a virtual server, cannot be deleted until detached and the virtual server's default pool is set to none.
Diagnose the dns resolution issue preventing the big-ip from reaching the ihelp portal using ping, traceroute, and dig, then add dns entries in system configuration to restore connectivity.
Configure http based health monitors for pools and virtual servers, avoid monitors on individual pool members, and use CLI and network map tools for real-time diagnostics.
Wraps up core network technologies, OSI layers 1–4, switching, routing, IP addressing, subnetting, and TCP/UDP. Also covers configuring F5 BIG-IP ADC, including load balancing, persistence, i rules, monitoring, and troubleshooting.
Plan your F5 101 exam using the blueprint, identify gaps, and leverage official study guides, the knowledge base, and a personal lab for hands-on practice.
Register to create your F5 candidate profile linked to a Pearson VUE account, then book the 90-minute, 80-question exam for $180 plus tax with retake waits and a 245/350 pass.
Develop your F5 certified administrator credentials (F5ca, BIGIP) with F5 101 guidance and the upcoming F5 201 course, as an experienced instructor helps you pass on the first attempt.
Celebrate completing the course by inviting feedback, requesting five-star ratings, and encouraging friends to explore other courses on cloud data center and cyber security.
Celebrate completing the course, stay engaged by asking questions, and connect with me on LinkedIn after passing the F5 101 application delivery fundamentals exam.
IMPORTANT! This course still valid for the F5 Exam updates.
Welcome to F5 Certified BIG-IP Administrator (F5-CA, BIGIP) Preparation Course. This Exam is the first step to achieve F5 Certified BIG-IP Administrator.
This course will help you pass 3 exams and this will also provides you a solid foundation in various areas of IT.
F5CAB1 - BIG-IP Administration Install, Initial Configuration, and Upgrade
F5CAB2 - BIG-IP Administration Data Plane Concepts
F5CAB3 - BIG-IP Administration Data Plane Configuration
F5 Certified BIG-IP Administrator is one of the top certifications in Networking and it also enables skills in Linux, Applications and Security.
This 17 hour course will help you understand the underlying technologies running in our Data Center.
This includes Networking, Linux, Security, Applications, and Proxy Services.
This course is filled with Whiteboard discussions and Config Demonstration. This will help you better understand the concepts of Networking, Applications and Security. You will also be provided Practice Exams in every section to help you ACE the actual F5CAB1, F5CAB2, F5CAB3.
I am proud to be one of the few instructors in Udemy who records themselves during the course delivery. Whether I am presenting, whiteboarding or doing lab demonstration, you will always see me. I do this so that I will be more CONNECTED TO YOU.