For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

zafer's avatar
zafer
Icon for Nimbostratus rankNimbostratus
Jul 30, 2009

L2 port security

Hi     i want make secure port on Bigip, terminology name on Cisco pvlan (private vlan)     like this ;     i have 1 internal vlan and assigned port 1.1 and 1.2 to th...
config
design
zafer's avatar
zafer
Icon for Nimbostratus rankNimbostratus
Jul 31, 2009
Application and DB server on same subnet, we want send traffic to Firewall for monitor traffic and give block or accept

 

 

for this reason you can do pvlan and they can not talk each other but their we have multiple cisco switch and server on different switch

 

 

at this time

 

 

host a 1.1.1.1 connected switch1

 

host b 1.1.1.2 connected switch2

 

 

cisco has pvlan they can not talk directly but each switch connected on bigip and bigip does not touch traffic. they are on same vlan. when i opened tcpdump i dont see anything.

 

traffic pass over switch fabric level.

 

 

for the solution i created created multiple vlan for each port and i put them in vlan group

 

why i configured like this if see on TMM level i can block this but still working on L2 level.

 

they not hitted on 0.0.0.0/0 L2 or L3 vip

 

 

zafer