Forum Discussion

Nimbostratus

Feb 01, 2011

Configuration management

I would like to restrict configuration changes to a single LTM unit in a HA pair. Is this possible and if so could anyone point me in the right direction on where to start? Thanks

config

design

hoolio

Cirrostratus

Feb 01, 2011

To restrict config changes to the active unit only, you could enforce an ACL that only allows access to the floating self IP(s) on the VLAN(s) you want admin traffic on. This wouldn't account for direct access to the management port, but you could optionally lock that down to specific source networks.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Configuration management

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

F5 DNS Logs in JSON Format

APM - Portal access - Issue

How to configure ssh access by key on F5OS

ASM/AWAF declarative policy

Help with an iRule to disconnect active connections to Pool Members that are "offline"

Related Content

Automating Certificate Management on F5 BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

Manage F5 BIG-IP Advanced WAF Configuration Drift with webhooks and GitOps

Configuring Smart Card Authentication to BIG-IP Management Interface

High Availability for F5 NGINX Instance Manager in AWS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS