For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

zafer's avatar
zafer
Icon for Nimbostratus rankNimbostratus
Jul 30, 2009

L2 port security

Hi     i want make secure port on Bigip, terminology name on Cisco pvlan (private vlan)     like this ;     i have 1 internal vlan and assigned port 1.1 and 1.2 to th...
config
design
L4L7_53191's avatar
L4L7_53191
Icon for Nimbostratus rankNimbostratus
Aug 03, 2009
If I understand correctly I think the best way to accomplish what you want is to use forwarding virtual servers with gateway pools that point to your firewall for policy enforcement. I've used this design with success in the past. Note that this is L3 and up. If you're binding multiple vlans to your port you won't get crosstalk across vlans with this design, so vlan hopping will be avoided.

 

 

Also, I'd avoid vlan groups, as a matter of preference.

 

 

-Matt