Forum Discussion
Port lockdown in self ip
Hello community
I am a fresher here and I have a question in port lockdown. We have a vulnerability and F5 knowledge article suggested to do port lockdown. I need to know if there any affect to device if we do it(application access). Your response will be appreciated
Thanks
Yasir:)
- Aswin_mkCumulonimbus
Hi ,
Welcome to the community.
About port lockdown, we have to do the same for securing our device from external or internal network. First of all
If your self ip config is allow default you are allowing ports including 443 and ssh to outside (ext or internal network). If you configure allow default then your management plan will be exposed to internet or internal network. If it's not HA interface allow none is enough.
If it's ha interface, allow default will be ok, because it's need for communicate between devices.
So you can configure port lockdown once checking if it's ha or traffic interface.
Br
Aswin
- Aswin_mkCumulonimbus
Also port lockdown not affect any traffic from self ip to backend members.. it's will only affect traffic initiated to self ip. So configure the port lockdown as per your infra.
Thanks
Aswin
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com