Forum Discussion

jspec21_47500's avatar
jspec21_47500
Icon for Nimbostratus rankNimbostratus
Jun 19, 2012

SSH IP Allow - multiple subnets

I'm trying to secure web management access to my LTM 1600 v11.1. I've configured SSH and am allowing the following subnets:

 

 

10.1.1.64 255.255.255.240

 

10.1.2.128 255.255.255.128

 

10.1.3.0 255.255.255.0

 

 

This is what I've configured under Platform -> SSH IP Allow:

 

10.1.1.64/255.255.255.240 10.1.2.128/255.255.255.128 10.1.3.*

 

 

Issue: From 10.1.4.x I can still SSH into the LTM, so it doesn't seem like my statement is valid. Has anyone successfully configured multiple subnets for SSH IP Allow access?

 

 

Thanks.

 

J
  • i was under the impression that the big-ip only has one management plane for inbound / outbound comms, and that it did not allow multiple connections for this. from what i gathered, and our big-ip is still new as well, but the managment port is a dedicated port that is only there for management traffic. so i don't think you can put that port on mulitiple subnets...