Forum Discussion
remove ssh after gtm_add/bigip_add/big3d_add ?
Is it okay to remove ssh/tcp 22 off the allowed list on the self IP after running gtm_add/bigip_add/big3d_add or does it need to stay there? I know 4353 has to stay, but I can't find anything that says it's okay for 22 to go away.
Hello Joseph_Bernard ,
TCP 4353 must be opened to allow config and status synchronization.But, bigip_add command requires SSH/SCP port opened to exchange SSL keys.After this command is done, SSH port can be blocked.
After blocking ssh you can verify GTM status (wideips, servers, pools).
BR
Aswin
- Aswin_mkCumulonimbus
Hello Joseph_Bernard ,
TCP 4353 must be opened to allow config and status synchronization.But, bigip_add command requires SSH/SCP port opened to exchange SSL keys.After this command is done, SSH port can be blocked.
After blocking ssh you can verify GTM status (wideips, servers, pools).
BR
Aswin
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com