AFM configuration file

Question

Can we configure the rules using AFm configuration file is possible? I have a list of firewall rules to be implemented ( looong list) and it will be great if it can be append in the configuration file.&nbsp;
-Jinshu&nbsp;

stanislas_piro2 · Answer

Hi,
you can configure AFM rule using tmsh...
create firewall Host object with create security firewall address-list Host1 addresses add { 1.2.3.4 }create firewall Network object with create security firewall address-list Network1 addresses add { 1.2.3.0/24 }create firewall Service object with create security firewall port-list RDP ports add { 3389 }create a firewall policy create security firewall policy MyPolicy create a firewall policy rule modify security firewall policy MyPolicy rules add { rule1 { ip-protocol tcp source { address-lists add { Network1 } } destination { address-lists add { Host1 } port-lists add { https }} action accept log yes  place-after last}} 
I converted a 500 rules ASA configuration to AFM with these tmsh commands.

Forum Discussion

AFM configuration file

1 Reply

Recent Discussions

BWC iRule

GTM Packet Capture command

Citrix XenServer Big-IP Upgrade help

BIG-IP DNS iRule issue with static variable

F5 ASM logging profile to specify source IP

Related Content

Protecting the F5 BIG-IP AFM system with AFM Protocol Inspection System Checks

Configuring BIG-IP AFM firewall policies and rules with Ansible

Enriching AFM with public domain Threat Intelligence

Traffic Intelligence in AFM through Categories

BIG-IP AFM設定例-NAT