Faintly_Lucky
May 21, 2010

Port Lockdown

Hi:

Really stupid simple question here, but I want to make sure that I have my facts straight on port lockdown before I implement it and I've never worked with it before, so I don't want to upset any of my customers.

The way I understand port lockdown, it only involves traffic that is sourced from a host with the destination address being the F5's self-IP. So if you set the port lockdown setting to None, the Self-IP won't accept any connections with itself as the destination, but traffic going through the Self-IP with another destination will flow just fine (from a server trying to talk to www.mydomain.com that has F5 set as its default gateway).

Is that correct?

1 Reply

  • nathe
    FL

    That's how I understand it. Port Lockdown is used to limit access to the self-IP address itself, rather than the scenario you outline. It's a feature to secure the interface.

    One thing to mention - if the system is part of a redundant pair then Allow Default is the suggested option. If you click on Help on that screen it will give you a list of the allowed protocols / services when this is selected.

    N