Forum Discussion
ports are showing open on online scanning tool
- Jan 20, 2025
Hello Team,
We have raised an F5 case for this issue, and the F5 internal team has found a few logs and a few TCP half-open (SYN cookie) vectors, related to the AFM module, which might be causing this issue. To isolate the issue, the internal team has suggested upgrading the tenant to the latest 17.1.1.4 (stability release) and F5OS to at least 1.5.2. After upgrading the tenant to version 17.1.1.4 and F5OS to version 1.5.2, the issue has been resolved.
Pooja_Varekar208 Are you positive you have "Allow none" on the public facing self and floating IPs? Are you positive that you have not configured a Virtual Server (VS) with either the floating or self IP? Other than those two items for LTM you shouldn't be listening on any particular port on the public facing self or floating IP. Can you share the scan results?
- Pooja_Varekar208 Dec 24, 2024
Altocumulus
Paulius, thanks for your reply. As you mentioned, in our scenario, one condition is met: the self IP is configured as a virtual server. To resolve this, can we change the self IP during downtime?
- Paulius Dec 24, 2024
MVP
Pooja_Varekar208 This depends on your overall configuration. At face value, you should be able to create a new virtual server (VS) the exact same way but with a different virtual IP to test, and then during a maintenance window you can remove the old VS and point everything to the new VS. For future reference, you should refrain from using the self or floating IPs as a VS because it can cause some issues, your security scan being one of them.
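An added example, not part of the post above and not F5 tooling: a small audit that flags the two conditions raised in this thread, a virtual server whose destination is a self or floating IP, and a self IP whose port lockdown is something other than none. The stanza layout, object names and addresses are constructed for illustration, and the parser assumes IPv4 destinations without route domains.

```python
import re

# Constructed sample modelled on tmsh-style stanzas (names hypothetical,
# addresses from the documentation range); not taken from the thread.
SAMPLE = """\
net self ext_self {
    address 203.0.113.10/24
    allow-service none
}
net self ext_float {
    address 203.0.113.12/24
    allow-service {
        tcp:443
    }
}
ltm virtual vs_app {
    destination 203.0.113.10:443
}
ltm virtual vs_ok {
    destination 203.0.113.50:443
}
"""

# Top-level stanza: header line, body, closing brace in column 0.
STANZA = re.compile(r"^(net self|ltm virtual) (\S+) \{\n(.*?)^\}", re.M | re.S)

def field(body, key):
    """Return the first token after `key` in a stanza body, or None."""
    m = re.search(rf"^\s*{re.escape(key)} (\S+)", body, re.M)
    return m.group(1) if m else None

def audit(config):
    """Flag virtual servers bound to a self IP and self IPs that allow services."""
    self_ips, findings, virtuals = {}, [], []
    for kind, name, body in STANZA.findall(config):
        if kind == "net self":
            addr = field(body, "address").split("/")[0]      # strip the mask
            self_ips[addr] = name
            lockdown = field(body, "allow-service")
            # Assumption: a missing allow-service line is not flagged.
            if lockdown not in (None, "none"):
                findings.append(("self-ip-allows-services", name, addr))
        else:
            dest = field(body, "destination")
            # IPv4 "addr:port", optionally prefixed with a partition path.
            virtuals.append((name, dest.rsplit("/", 1)[-1].rsplit(":", 1)[0]))
    for name, addr in virtuals:
        if addr in self_ips:
            findings.append(("virtual-on-self-ip", name, addr))
    return sorted(findings)
```

Calling `audit(SAMPLE)` reports `vs_app` as bound to the self IP and `ext_float` as allowing services, while `vs_ok` and `ext_self` pass.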
- Pooja_Varekar208 Dec 24, 2024
Altocumulus
Paulius, thanks for providing such a helpful solution!
- Nizar Jan 03, 2025
Altostratus
Hi Pooja, I still don't get it. So you mean that you use the self IP as a VIP? Or do you use one segment of the self IP as your VIP?