RAQS
Mar 24, 2021
Solved

Port Lock down | Impact

Hi All, Hope you are doing great. I am planning to restrict access on Self IP. Can you please help to understand the impact of port lock down when I change it from allow all to "None". ...
  • Amine_Kadimi
    Mar 25, 2021

    Hi,

     

    1) If I allow default, then what all ports will be allowed

    https://support.f5.com/csp/article/K17333

     

    2) If I use custom, then what all ports should I allow

    Only those needed for your scenario. If you don't have GTM and you don't administer through self IP, then udp/1026, but only if you are using that self IP for the cluster.

     

    3) I can for logging into GUI, CLI we are using management IP. So I consider that administration is not managed by Self IP.

    Sounds right.

     

    4) Please let me know how I will identify whether Self IP is being used for cluster communication or not.

    From Device Management > Devices, open the BIG-IP you are logged in to (self), then from the "Device connectivity" drop-down menu check the settings of the different entries to know which IPs are used.
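
A command-line version of the Device connectivity check from point 4, as an added example that is not part of the original thread: the script parses `tmsh list net self` and `tmsh list cm device` output and reports, per self IP, its port lockdown list and whether ConfigSync, mirroring or failover unicast points at it. Both samples are constructed, and treating a missing `allow-service` line as None is an assumption.

```python
import re
# Constructed sample of `tmsh list net self` output (not from the thread).
NET_SELF = """\
net self ha-self {
    address 10.1.30.1/24
    allow-service {
        udp:1026
    }
}
net self internal-self {
    address 10.1.20.1/24
    allow-service all
}
net self external-self {
    address 10.1.10.1/24
}
"""
# Constructed sample of `tmsh list cm device` output for the local device.
CM_DEVICE = """\
cm device bigip1.example.com {
    configsync-ip 10.1.20.1
    unicast-address {
        {
            effective-ip 10.1.30.1
            effective-port 1026
            ip 10.1.30.1
        }
    }
}
"""
ROLE_PATTERNS = (("config sync", r"configsync-ip (\S+)"),
                 ("mirroring", r"mirror-ip (\S+)"),
                 ("failover unicast", r"^\s+ip (\S+)"))

def self_ip_usage(net_self, cm_device):
    """Map each self IP to its port lockdown list and its Device connectivity roles."""
    roles = {}
    for role, pattern in ROLE_PATTERNS:
        for ip in re.findall(pattern, cm_device, re.M):
            roles.setdefault(ip, []).append(role)
    report = {}
    for name, body in re.findall(r"^net self (\S+) \{\n(.*?)^\}", net_self, re.M | re.S):
        ip = re.search(r"address (\S+?)/", body).group(1)
        m = re.search(r"allow-service (?:\{([^}]*)\}|(\S+))", body)
        # Assumption: a self IP listed without allow-service is set to None.
        allowed = ((m.group(1) or m.group(2)) if m else "none").split()
        report[name] = {"ip": ip, "allow": allowed, "cluster_roles": roles.get(ip, [])}
    return report
```

Calling `self_ip_usage(NET_SELF, CM_DEVICE)` on the samples shows `external-self` with no cluster role, while `internal-self` and `ha-self` are both referenced by Device connectivity and need their cluster ports kept open before any change to None.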