Forum Discussion
Kevin_Stewart
Jun 24, 2014Employee
If I may add, the LTM is a default deny device. You don't need an all-inclusive filter rule applied to say "reject if not matching an allowed IP", because that already exists in the absence of anything at all. If you don't actively create a listener - a virtual server or NAT - then the LTM won't respond to any requests. The TM.RejectUnmatched option is interesting in that it allows you to choose how packets are rejected. Set to true and LTM sends a RST. Set to false and LTM drops the request packet. In either case the request is denied.