What is port lockdown?

Question

Hi I am setting up F5 VE, and I meet "Port Lockdown" when setting up utility, external vlan interface for floating ip. What is port lockdown? how to configure it? Thank you&nbsp;

crodriguez · Answer

Port Lockdown controls what types of connections will be allowed to the self IP based on protocol and port. You can find a great overview of Port Lockdown behavior here, along with recommendations on how best to use this feature.

wesleyjack · Answer

eesun,&nbsp;
F5 publishes a K article describing this in great detail.  https://support.f5.com/csp/article/K17333&nbsp;
In short, it is a security feature associated with self-IPs that allows you to control what ports and protocols are permitted.  I do not know your specific scenario, but a self-IP associated with an external VLAN would probably not be something you would want to set up with a port lockdown of say "allow-default" as that would expose TMUI management.  You may want to set something like that to "allow none" or customize the ports allowed.  For example, if you are using GTM/DNS and you need the GTM/DNS iQuery functionality to your self-IP on VLAN external, then you would use "allow custom" to specify ports and protocols to allow.  I hope this helps!&nbsp;

Forum Discussion

What is port lockdown?

2 Replies

The New F5 Certified BIG-IP Administrator Certification Exams Now Live

F5 Academies Are Back – And We’re Coming to a City Near You

Recent Discussions

BIG-IP Edge Endpoint Inspection Failure pre-VPN

Create cipher group in f5

Buy F5 Big-IP Virtual Edition Lab licence in FR

VMware Horizon app and X-Forwarded-For

Requests with 307 responses not logged (missing) in ASM events

Related Content

Ps Self Ip Port Lockdown

iControl 101 - #20 - Port Lockdown

Post of the Week: Port Lockdown

"Port lockdown" option for SNAT pool addresses?

Three Ways to Specify Multiple Ports on a Virtual Server

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS