Forum Discussion
Firewall rules for F5 Security update
I am implementing ASM in our environment. But when I check the security updates, last security update was on 2016!!!. We need to ask our network team to make relevant changes on firewall to allow F5 updates. Can anyone help me with the rules?
- youssef1
Cumulonimbus
Hi,
Allowing signature updates through a firewall:
Host servers (Destination):
- port 443
- port 443
And of course you have to resolve public host (DNS access).
You have all information you need in this KB:
https://support.f5.com/csp/article/K8217
You can also process your update trough an proxy, it's describe in the KB that i give you above.
Let me now if you need more details.
Additional information, The source IP address of the resulting traffic uses either a non-floating self IP address or the management IP address, depending on the matching route. If Internet access is not available for automatic updates, error messages similar to the following examples are reported in the Configuration utility and logged in the /var/log/asm.
Regards
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com