Forum Discussion

Nimbostratus

Jul 30, 2009

L2 port security

Hi i want make secure port on Bigip, terminology name on Cisco pvlan (private vlan) like this ; i have 1 internal vlan and assigned port 1.1 and 1.2 to th...

config

design

L4L7_53191

Nimbostratus

Aug 03, 2009

If I understand correctly I think the best way to accomplish what you want is to use forwarding virtual servers with gateway pools that point to your firewall for policy enforcement. I've used this design with success in the past. Note that this is L3 and up. If you're binding multiple vlans to your port you won't get crosstalk across vlans with this design, so vlan hopping will be avoided.

Also, I'd avoid vlan groups, as a matter of preference.

-Matt

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

L2 port security

Recent Discussions

INFORM: Entrust CA will be untrusted in Chrome after Oct 31, 2024

Can BIG-IP DNS recursion only my domain?

CPU data, control and analytics plane utilization

Can import iSeries 4000 config (OS ver 1.3.x) to rSeries 5000 (f5os-a 1.5.2)?

Datagroup with address and value

Related Content

L2 Deployment of BIG-IP with Gigamon

Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio

Auditing Security Policy Updates

Minimizing Security Complexity: Managing Distributed WAF Policies

Get Started with WAAP Security Incidents

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS