For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

jknock6560's avatar
jknock6560
Icon for Altostratus rankAltostratus
Jun 05, 2025

F5 Internal IPs Nessus Scans

I am confused.  I scan my Virtual BIG-IP F5s via a NESSUS scanner.  It appears the scanners scans the "MGMT" ip for both VEs.  I assume the MGMT IPs are the ones on top left when you open the GUI?  I...
scanners
Injeyan_Kostas's avatar
Injeyan_Kostas
Icon for Nacreous rankNacreous
Jun 06, 2025

Hello,

you can see self and floatring IPs under Network Self IPs.
But as said if allow none is selcted in port-lockdown F5 will drop the request.

This is the default behaviour and you shouldn't allow anything in self ips unless specifically needed.

  • jknock6560's avatar
    jknock6560
    Icon for Altostratus rankAltostratus
    Jun 09, 2025

    So if allowed in settings then the scan should be allowed and will scan correct? Should the setting be changed after each scan for security reasons? 

    • Injeyan_Kostas's avatar
      Injeyan_Kostas
      Icon for Nacreous rankNacreous
      Jun 09, 2025

      Technically yes 

      But why mgmt interface isn't enough?

      • jknock6560's avatar
        jknock6560
        Icon for Altostratus rankAltostratus
        Jun 09, 2025

        We think when it scans MGMT the results are double Vulnerabilities.  Just to verify also - is the mgmt IP the one on top left when you log into GUI? the internal IP the one which might start with HA_etc...?