Port Lock down | Impact
Hi All,
Hope you are doing great.
I am planning to restrict access on Self IP. Can you please help to understand the impact of port lock down when I change it from allow all to "None".
What things will be impacted like HA or anything and how we can prevent it. We do not have GTM. We have LTMs in HA and some are standalone.
Regards,
RaqS
Hi,
1) If I'll allow default, then what all ports will be allowed?
https://support.f5.com/csp/article/K17333
2) If I'll use custom, then what all ports should I allow?
Only those needed for your scenario. If you don't have GTM and you don't administer through self IP then udp/1026 but only if you are using that self IP for the cluster.
3) For logging into GUI, CLI we are using management IP. So I consider that administration is not managed by Self IP.
Sounds right.
4) Please let me know how I'll identify whether Self IP is being used for cluster communication or not.
From Device Management > Devices, open the BIG-IP you are logged in (self), then from the "Device connectivity" drop down menu check the settings of the different entries to know which IPs are used.
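The same check as in answer 4 can be done offline against saved CLI output. This is an added example, not part of the original thread: it assumes you have captured the text of `tmsh list cm device` and `tmsh list net self`, and the sample text, device name, self IP names and addresses below are constructed.

```python
import re

# Constructed sample, modelled on `tmsh list cm device` output (not from the thread).
CM_DEVICE = """\
cm device bigip-a.example.net {
    configsync-ip 10.20.0.11
    mirror-ip 10.20.0.11
    unicast-address {
        {
            effective-ip 10.20.0.11
            ip 10.20.0.11
        }
    }
}
"""

# Constructed sample, modelled on `tmsh list net self` output.
NET_SELF = """\
net self ha_self {
    address 10.20.0.11/24
    allow-service all
    vlan ha
}
net self ext_self {
    address 192.0.2.11/24
    allow-service all
    vlan external
}
"""

# Device connectivity keys and the role each one represents (labels are ours).
ROLE_KEYS = {"configsync-ip": "configsync", "mirror-ip": "mirroring", "ip": "failover"}

def cluster_roles(cm_text):
    """Map each device-connectivity address to the set of roles that reference it."""
    roles = {}
    for key, role in ROLE_KEYS.items():
        for addr in re.findall(rf"^\s*{key}\s+(\S+)", cm_text, re.M):
            if addr not in ("none", "any6"):  # unset values
                roles.setdefault(addr, set()).add(role)
    return roles

def self_ips_in_cluster_use(cm_text, self_text):
    """Return {self IP name: (address, sorted roles)} for self IPs the cluster uses."""
    roles = cluster_roles(cm_text)
    used = {}
    for name, body in re.findall(r"^net self (\S+) \{(.*?)^\}", self_text, re.M | re.S):
        addr = re.search(r"^\s*address\s+([^/\s]+)", body, re.M).group(1)
        if addr in roles:
            used[name] = (addr, sorted(roles[addr]))
    return used
```

Self IPs missing from the result are not referenced by any device connectivity setting in the captured output.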