Forum Discussion
3 Replies
Sort By
- What_Lies_Bene1CirrostratusTo restrict HTTPS access (to the Configuration Utility), use the following tmsh command: [tmsh] modify sys httpd allow replace-all-with { 10.11.*.* } to replace the allow list entirely or [tmsh] modify sys httpd allow add { 10.11.*.* } to add an address or network to it.
- dirtycacheNimbostratusIdeally you should manage the BIG-IP via it's management port interface, connected to a dedicated management VLAN with appropriate ACLs. Otherwise, the advice above is spot on for creating an ACL for httpd.
- gsharriAltostratus
Note that the packet filters (Network>Packet Filters) apply only to vlan traffic not the management interface. AFM (if available) rules can be applied directly to the management interface. Or use tmsh to restrict httpd as outlined previously.