For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

MB1's avatar
MB1
Icon for Nimbostratus rankNimbostratus
Oct 22, 2019

Help with securing self ip's and forwarding virtual server for a DMZ server using non-http

I have external DNS servers on private IP's in a DMZ vlan. Normally, for servers behind the F5 we just use Automap and the servers default gateway points at the Firewall.   However, we want to se...
devops
iRules
LTM
Mandragor's avatar
Mandragor
Icon for Altostratus rankAltostratus
Oct 30, 2019

Port Lockdown only handles traffic destined directly to the self IP, not for traffic which it would forward.

 

If you're not using a remote logging destination and able to see your traffic there you can simply use tcpdump from your BIG-IP device and filter on traffic from your DNS server to see which virtual server it is going through.

Something along the lines

tcpdump -i 0.0 -nn host <IP-address of DNS-server>

at the end of the line you should see something along the lines of

in slot1/tmm0 lis=/Common/your_forwarding_vs