For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

JWhitesPro_1928's avatar
JWhitesPro_1928
Icon for Cirrostratus rankCirrostratus
Jul 05, 2016

AFM Rule Evaluation

It seems in the back of my mind I am forgetting why this happens but I have an ACL similar to this, in this order:   1 - Allow tcp/443 from particular sources (some address lists, geo-ip etc) (act...
AFM
security
JWhitesPro_1928's avatar
JWhitesPro_1928
Icon for Cirrostratus rankCirrostratus
Jul 06, 2016
Additionally I ran this command in the CLI against all the IP addresses that have shown as hitting the (default) rule and they all return that they match the first acl in the list...but reporting on the BIG-IP seems to think otherwise... show /security firewall matching-rule source-addr "clientip" source-port any dest-addr "my vs ip" dest-port 443 vlan /Common/MY_VLAN protocol tcp