Forum Discussion

thebull_6486's avatar
thebull_6486
Icon for Nimbostratus rankNimbostratus
Apr 30, 2008

Management IP's

Hello ALL,

 

 

I do have a silly question and i am new to F5 Prodcuts.

 

 

I do have 3-DNS sitting facing the internet and all i need is how is it configured so that guys from outside cann't access and i see guys sitting inside are accessing.

 

 

My setup is 3-DNS interface is connected to external switch which is connected to INTERNET, so this box is visible to external world.

 

 

I also checked the config on /etc/hosts.allow, don't find any host IP's.

 

 

 

Thanks in advance for your assistance.

 

 

2 Replies

  • Any change you have a firewall between the your 3DNS and the Internet?

     

     

    /CB

     

  • As bmbhatt suggests, it's ideal to have a firewall between the BIG-IP (or 3DNS) and any insecure network). It's also recommended to use the mgmt port (interface 3.1) to administer the units. Ideally, you'd have the management port on a discrete internal subnet not reachable from any public network.

     

     

    You can configure which ports are open/need to be open on the self IP addresses using the port lockdown configuration. For more info on port lockdown, check SOL7317 (Click here).

     

     

    Aaron