Forum Discussion

Yasir36
Aug 23, 2024

Port lockdown in self ip

Hello community

I am a fresher here and I have a question about port lockdown. We have a vulnerability and an F5 knowledge article suggested doing port lockdown. I need to know if there is any effect on the device if we do it (application access). Your response will be appreciated.

Thanks

Yasir:)

  • Hi,

    Welcome to the community.

    About port lockdown, we have to do the same to secure our device from the external or internal network. First of all:

    If your self IP config is allow default, you are allowing ports including 443 and SSH to the outside (external or internal network). If you configure allow default, then your management plane will be exposed to the internet or internal network. If it's not an HA interface, allow none is enough.

    If it's an HA interface, allow default will be OK, because it's needed for communication between devices.

    So you can configure port lockdown once you have checked whether it's an HA or traffic interface.

    Br

    Aswin

  • Also, port lockdown does not affect any traffic from the self IP to backend members. It will only affect traffic initiated to the self IP. So configure the port lockdown as per your infra.

    Thanks

    Aswin
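
An added example, not part of the thread and not F5's code: a Python audit that reads text in the layout of `tmsh list net self` output and flags self IPs that are not HA interfaces yet have port lockdown set to default or all. The sample config, the self IP names and the `ha_names` parameter are constructed assumptions, and a missing `allow-service` line is assumed to mean none.

```python
import re

# Constructed sample in the layout of `tmsh list net self` output (not from a real device).
SAMPLE = """\
net self ext_self {
    address 203.0.113.10/24
    allow-service {
        default
    }
    vlan external
}
net self ha_self {
    address 10.255.0.1/24
    allow-service {
        default
    }
    vlan ha
}
net self int_self {
    address 10.1.20.1/24
    allow-service all
    vlan internal
}
net self dmz_self {
    address 10.1.30.1/24
    vlan dmz
}
"""

def parse_self_ips(text):
    """Return {name: [allow-service entries]}; a missing line is treated as none (assumption)."""
    result = {}
    for name, body in re.findall(r"^net self (\S+) \{\n(.*?)^\}", text, re.S | re.M):
        block = re.search(r"allow-service \{(.*?)\}", body, re.S)   # multi-entry form
        single = re.search(r"allow-service (\S+)$", body, re.M)     # one-word form
        if block:
            result[name] = block.group(1).split()
        else:
            result[name] = [single.group(1)] if single else ["none"]
    return result

def audit(text, ha_names):
    """Flag self IPs outside ha_names (hypothetical, operator-supplied) set to default or all."""
    parsed = parse_self_ips(text)
    return [n for n, svc in parsed.items() if n not in ha_names and {"default", "all"} & set(svc)]

if __name__ == "__main__":
    print(audit(SAMPLE, ha_names={"ha_self"}))
```
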