Port Lock down | Impact
- Mar 25, 2021
Hi,
1) If i ll allow default , then what all ports will be allowed
https://support.f5.com/csp/article/K17333
2) If i ll use custom, then what all port should i allow
Only those needed for your scenario. If you don't have gtm and you don't administer through self IP then udp/1026 but only if you are using that self IP for the cluster.
3) I can for logging into GUI , CLI we are using management IP . So I consider that administration is not manage by Self IP.
Sounds right.
4) Please let me know how i ll identity whether Self IP is being used for cluster communication or not.
From Device Management > Devices, open the BIG-IP you are logged in (self), then from the "Device connectivity" drop down menu check the settings of the different entries to know which IPs are used.