Port Lockdown

Question

Hi:
&nbsp;Really stupid simple question here, but I want to make sure that I have my facts straight on port lockdown before I implement it and I've never worked with it before, so I don't want to upset any of my customers. &nbsp;
&nbsp;The way I understand port lockdown, it only involves traffic that is sourced from a host with the destination address being the F5's self-IP. So if you set the port lockdown setting to None, the Self-IP won't accept any connections with itself as the destination, but traffic going through the Self-IP with another destination will flow just fine ( from a server trying to talk to www.mydomain.com that has F5 set as its default gateway). &nbsp;
&nbsp;Is that correct?

nathe · Answer

FL 
&nbsp;  
&nbsp; That's how I understand it. Port Lockdown is used to limit access the self-ip address itself, rather than the scenario you outline. It's a feature to secure the interface. 
&nbsp;  
&nbsp; One thing to mention - if the system is part of a redundant pair then Allow Default is the suggested option. If you click on Help on that screen it will give you a list of the allowed protocols / services when this is selected. 
&nbsp;  
&nbsp; N

Forum Discussion

Port Lockdown

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

iRule causing requests to be duplicated (sometimes)

SSL Bridging and FQDN rewrite Policy

How can I get started with iCall

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

Could not communicate with the system. Try to reload page.

Related Content

iControl 101 - #20 - Port Lockdown

Ps Self Ip Port Lockdown

Post of the Week: Port Lockdown

"Port lockdown" option for SNAT pool addresses?

SFP Port LEDs Blinking Yellow

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS