Forum Discussion

Nimbostratus

Jul 30, 2009

L2 port security

Hi i want make secure port on Bigip, terminology name on Cisco pvlan (private vlan) like this ; i have 1 internal vlan and assigned port 1.1 and 1.2 to th...

config

design

JRahm

Admin

Jul 30, 2009

private vlans offer the ability to provide another layer of access control, such as in a DMZ environment, where all the web servers might be in same vlan, but you don't want them to be able to talk to each other. The LTM doesn't have this capability. That said, you could build packet filters to disallow traffic at l3/l4 level between hosts on a vlan if all their traffic flows through the LTM (ie, they're both directly connected to the switch plane). If they aren't directly connected, intra-vlan traffic won't flow to the LTM anyway. I've always used access switches for this kind of control, where there are quite a few more l2 tricks availalble.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

L2 port security

Recent Discussions

INFORM: Entrust CA will be untrusted in Chrome after Oct 31, 2024

Can BIG-IP DNS recursion only my domain?

CPU data, control and analytics plane utilization

Can import iSeries 4000 config (OS ver 1.3.x) to rSeries 5000 (f5os-a 1.5.2)?

Datagroup with address and value

Related Content

Certifications for security professionals

API security

Response port masking

Ensuring Security in Continuous Integration and Continuous Deployment (CI/CD) Pipelines

F5 Cloud-Native Functions For Secure DNS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS