Forum Discussion

Nimbostratus

Jul 30, 2009

L2 port security

Hi i want make secure port on Bigip, terminology name on Cisco pvlan (private vlan) like this ; i have 1 internal vlan and assigned port 1.1 and 1.2 to th...

config

design

JRahm

Admin

Jul 31, 2009

Can you provide a drawing of what you're trying to accomplish? I'm not sure I follow what you're saying. For the LTM to receive traffic from your pvlan hosts, it will need to be connected as a promiscous port since your two hosts are (I assume) configured in isolation mode. I personally prefer the vACL approach for controlling intra-subnet traffic for two reasons. 1) configuration is straight forward, making it easy to troubleshoot, and 2) there are some serious holes in pvlan from security perspective.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

L2 port security

Recent Discussions

INFORM: Entrust CA will be untrusted in Chrome after Oct 31, 2024

Can BIG-IP DNS recursion only my domain?

CPU data, control and analytics plane utilization

Can import iSeries 4000 config (OS ver 1.3.x) to rSeries 5000 (f5os-a 1.5.2)?

Datagroup with address and value

Related Content

Certifications for security professionals

API security

Response port masking

Ensuring Security in Continuous Integration and Continuous Deployment (CI/CD) Pipelines

F5 Cloud-Native Functions For Secure DNS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS