Forum Discussion

aj11's avatar
aj11
Icon for Nimbostratus rankNimbostratus
Aug 03, 2017

How do I block (packet filtering?) all external IPs?

We have a BIG-IP (F5) unit set up at a backup site. We want to lock this unit down so that no public access is allowed while not in use, and any external scans won't even know there is anything ther...
BIG-IP
LTM
security
Jeff_Maddox_394's avatar
Jeff_Maddox_394
Historic F5 Account
Aug 03, 2017

The default behavior for disabled virtual servers is to send a RST to a SYN. If you are looking for a passive drop behavior, then a packet filter rule with the action set to "discard" would do the trick.

 

aj11's avatar
aj11
Icon for Nimbostratus rankNimbostratus
Aug 04, 2017

So I got it to accept 2 rules I put in where I had to add an actual expression to "Enter Expression Text" field, but I have not yet enabled packet filtering. The instructions on that page I linked basically just says to select that checkbox and that's it.

 

What I have so far, Jeff, and please correct me if this is wrong, but I have the following: Rule 1 (First): Allow ("Accept")the management networks (ie: ( src net 192.168.1.0/24 ) and ( dst net 0.0.0.0/0 )) on all vlans. Rule 2 (Last): Deny ("Discard") everything else (ie: ( src net 0.0.0.0/0) and ( dst net 0.0.0.0/0 )) on all vlans.

 

Will this accomplish what I'm looking for?