Port Lock Down : UDP 514

Question

Hi Guys,a quick question. I have syslog set up on UDP 514 and I see the syslog traffic via one of my self ip's and I am wondering how is that possible. Because syslog traffic should flow via management right ? and I have a port lock down on Self IP's and UDP 514 is not allowed too.&nbsp;
So just wondering, how this is working ? Pls help me clarify this.&nbsp;

jad_tabbara__j1 · Answer

Hello, &nbsp;
I think you are confusing with the Port Lock Down. &nbsp;
This feature is applied on listenning ports for each self ip. &nbsp;
By definition the "Port lockdown is a BIG-IP security feature that allows you to specify particular protocols and services from which the self IP address defined on the BIG-IP system can accept traffic"&nbsp;
When you send syslog, the self-ip connects to the remote server on port 514 UDP. &nbsp;
Reference : https://support.f5.com/csp/article/K17333&nbsp;
Hope it helps &nbsp;
Regards&nbsp;

Forum Discussion

Port Lock Down : UDP 514

Recent Discussions

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

Submenus missing in ASM Security Tab

XC Bot defense question

LTM Rule, iRule, or Brute Force Configuration to Limit URL Access

NetScaler to F5 Migration

Related Content

Installing and Locking a Specific Version of F5 NGINX Plus

Port Lock down | Impact

Lock and Key - Encrypting EBS Disk Volumes for BIG-IP AWS Deployments

Lock Down Your Login

10 Settings to Lock Down your BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS