For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Lapsio's avatar
Lapsio
Icon for Altostratus rankAltostratus
Nov 18, 2018

Exposing F5 dashboard publicly?

Is it possible to expose F5 dashboard publicly (or at least with really minimal access to F5 Configuration Utility)? I'd like to expose it to machine displaying dashboards on display wall yet I would...
access control
BIG-IP
dashboard
permissions
security
Simon_Blakely's avatar
Simon_Blakely
Icon for Employee rankEmployee
Nov 18, 2018

Another related topic would be: is it possible to expose dashboard on other vlan than management? For example as conventional Virtual Sever in some other network with destination pointing to F5 management IP?

 

If you allow HTTPS in the port lockdown settings of a self-ip, you can access the Configuration utility via that self-IP.

 

How to expose dashboard without requiring authentication / requiring different authentication than F5 Configuration Utility

 

There is no mechanism for doing this.

 

Is there any lower permissions level for account in F5 than Guest that allows dashboard access or can this role permissions be even reduced to access only selected statistics required for dashboard operation?

 

Guest and Auditor are the only Read-Only user roles. Manual Chapter: User Roles

 

There is no fine-grained user-role access control for the Configuration utility.

 

The RestAPI does allow for fine-grained roles control

 

iControl REST Fine-Grained Role Based Access Control

 

and you can extract device statistics via iControl

 

Getting Started with iControl: Working with Statistics

 

Take a look at Ps Icontrol Dashboard for an example using Powershell