For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Werso's avatar
Werso
Icon for Nimbostratus rankNimbostratus
Oct 17, 2024

Using the WAF instead of a jump server for ssh-tunneling?

Hello everyone, This is how it works at the moment: We go from server A, in the internal network, with a public IP via ssh to a jump server in the DMZ. From the jump server we then go on to se...
BIG-IP
ssh
tunnel
waf
Jeff_Granieri's avatar
Jeff_Granieri
Icon for Employee rankEmployee
Oct 17, 2024

WAF is going to be used for HTTP traffic.  If you're simply looking for a connectivity option without security, then you can configure a SSH Virtual Server and you pool member would be the server in the DMZ.  If you're looking for SSH security, then you might consider adding on AFM which can do SSH protocol inspection amongst other options.  Secure SSH traffic with the SSH Proxy (f5.com)

 

If no security is needed, you can restrict source IP;s on the LTM VS your configuring to access the DMZ jump server.