For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

kgaigl's avatar
kgaigl
Icon for Cirrocumulus rankCirrocumulus
Apr 02, 2025

DNS Request to VS?

Hello, we found on our Firewall lots of DNS-Requests from the floating IP to some VS (with ASM-Policy). Now we want the Firewall to only allow DNS-Requests to the known DNS-Servers. Question: is t...
application delivery
dns
LTM F5
security
Jmtaylor's avatar
Jmtaylor
Icon for Moderator rankModerator
Apr 24, 2025

kgaigl​ 

 

Hello here is some information that I was able find (Formatting generated by AI)  

https://my.f5.com/manage/s/article/K15430

https://my.f5.com/manage/s/article/K21272

https://my.f5.com/manage/s/article/K13221

 

 

You can check and modify the DNS Resolver settings in the BIG-IP UI (Configuration Utility) by following these steps:

  1. Log in to the Config-Utility (GUI):
    • Open a browser and navigate to your BIG-IP management IP or hostname (e.g., https://<management-ip>).
    • Log in with your management credentials.
  2. Navigate to the DNS Resolver Settings:
    • Go to System > Configuration > Device > DNS.
    • Check the settings under DNS Resolver or System DNS configuration.
    • Verify the listed DNS servers are the expected ones.
  3. Check Virtual Server (VS) and ASM Policies:
    • Navigate to Local Traffic > Virtual Servers to review the virtual server bound to the floating IP.
    • Locate the associated DNS Resolver profile, if any, and associated policies.
    • For ASM: Under Security > Application Security > Policy Building or Policies, ensure policies are configured correctly and not triggering unintended DNS lookups.

 

You can check and modify the DNS Resolver settings in the BIG-IP UI (Configuration Utility) by following these steps:

  1. Log in to the Config-Utility (GUI):
    • Open a browser and navigate to your BIG-IP management IP or hostname (e.g., https://<management-ip>).
    • Log in with your management credentials.
  2. Navigate to the DNS Resolver Settings:
    • Go to System > Configuration > Device > DNS.
    • Check the settings under DNS Resolver or System DNS configuration.
    • Verify the listed DNS servers are the expected ones.
  3. Check Virtual Server (VS) and ASM Policies:
    • Navigate to Local Traffic > Virtual Servers to review the virtual server bound to the floating IP.
    • Locate the associated DNS Resolver profile, if any, and associated policies.
    • For ASM: Under Security > Application Security > Policy Building or Policies, ensure policies are configured correctly and not triggering unintended DNS lookups