Skip to main content

Update F5 GeoIP

IP Geolocation Database

Used to control access to the VPN based on the physical location of the user connection. The database is updated monthly and doesn’t interrupt service.

F5 GeoIP Guide

Prerequisites

  1. SSH access to the F5 device, via bash. (Beware the Azure NSG rules)
  2. Access to my.f5.com and “HM Courts & Tribunals Service” account to download the latest GeoIP database.
  3. SFTP client to upload the database to the F5 device.

Instructions

These steps can be performed during working hours as they do not interrupt service.

Pre-Update

Confirm your F5 VPN is not active before proceeding Log into the F5 Web Admin portal using a web browser and note the current version BIG-IP Confirm your admin user account has access to the F5 device via SSH and if any IP access restrictions are in place Log into the MyF5 portal and download the latest GeoIP database Goto Resources > Downloads Set GROUP as BIG-IP Set Product Line and Product Version as per your F5 device Set GEOLOCATIONUPDATES_Edge Download the latest GeoIP database zip file and md5 file

Update GeoIP database

The following steps are to be in the shared directory, which is different from the /usr/share directory, which contains the default GeoIP database files.

Use a SFTP client to upload the GeoIP database zip file to the F5 device Place the GeoIP database zip and md5 files in the /shared/tmp directory

Connect to the F5 device via SSH and run the following commands: “`

mkdir /shared/GeoIP_backup

cp -R /GeoIP/* /GeoIP_backup/

cd /shared/tmp

md5sum -c .zip.md5

unzip .zip

This step will overwrite the update GeoIP database files, repeat for each rpm file in the zip archive geoip_update_data -f

geoip_lookup -f

Remove the now redundant zip, rpm and md5 files from temp directory rm -i


This page was last reviewed on 12 December 2024. It needs to be reviewed again on 12 June 2025 by the page owner platops-build-notices .
This page was set to be reviewed before 12 June 2025 by the page owner platops-build-notices. This might mean the content is out of date.