scans reveal ISAKMP port 500 on mgmt port

Question

We just got done doing our security scans and they found a port 500 isakmp listener on our MGMT IF.  What is this traffic and can it be turned off?  I ran a tcpdump for several minutes on eth0 tcp port 500 and saw nothing.
We are running 11.5.1 HF4&nbsp;

gsharri · Answer

ISAKMP is involved with IPsec traffic. Since the management interface is controlled by the host subsystem (the Linux OS on BIG-IP) the fact that the port appears open likely means a Linux process is listening here. I'm not sure if IPsec/ISAKMP can be disabled in Linux. Also, the TMOS packet filters do not apply to the management interface so you can't block it there. However, if you have AFM licensed on the box then AFM filters can be applied to the management interface.

Forum Discussion

scans reveal ISAKMP port 500 on mgmt port

1 Reply

Recent Discussions

Citrix XenServer Big-IP Upgrade help

Hi All, We have viprion 4300 with 4450 blades with 6 blades all blades having same configuration

BWC iRule

Can iRule be used to perform exception of IPI category based on Geolocation

help irules for compatibilty

Related Content

OWASP Automated Threats - OAT-014 Vulnerability Scanning

ISAKMP packets dropped

Advanced iRules: Scan

Advanced iRules: Binary Scan

Infosecurity Survey Reveals Industry Security Concerns