AFM configuration file

Question

Can we configure the rules using AFm configuration file is possible? I have a list of firewall rules to be implemented ( looong list) and it will be great if it can be append in the configuration file.&nbsp;
-Jinshu&nbsp;

stanislas_piro2 · Answer

Hi,
you can configure AFM rule using tmsh...
create firewall Host object with create security firewall address-list Host1 addresses add { 1.2.3.4 }create firewall Network object with create security firewall address-list Network1 addresses add { 1.2.3.0/24 }create firewall Service object with create security firewall port-list RDP ports add { 3389 }create a firewall policy create security firewall policy MyPolicy create a firewall policy rule modify security firewall policy MyPolicy rules add { rule1 { ip-protocol tcp source { address-lists add { Network1 } } destination { address-lists add { Host1 } port-lists add { https }} action accept log yes  place-after last}} 
I converted a 500 rules ASA configuration to AFM with these tmsh commands.

Forum Discussion

AFM configuration file

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP in https that redirect to another vip in https

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Unblock Request WAF

F5OS login with admin/root failed via console

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Related Content

Introduction to F5 BIG-IP Advanced Firewall Manager (AFM)

Configuring BIG-IP AFM firewall policies and rules with Ansible

F5 BIG-IP AFM and FireMon Integration Guide

Protecting the F5 BIG-IP AFM system with AFM Protocol Inspection System Checks

Enriching AFM with public domain Threat Intelligence

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS