Forum Discussion

Thomas_Gobet's avatar
Icon for Nimbostratus rankNimbostratus
Jan 17, 2014

Management through APM with Network Access

Hello team,


I'd like to how we can access our BIG-IP inside a network access session. I made a tcpdump and my BIG-IP can see traffic but it never answer it, even if it's destinated to a self IP.


I've already done something similar but I can't remember how I did (it was with an iRule but that's only what I can remember). I know it's not something good about security, but it's a firepass migration and on firepass we were able to do this.


Thanks guys.


3 Replies

  • I would also look at changing the port lockdown settings to be doubly sure that no-one can get in.



  • Hi,


    You're right if I try to access the management interface I haven't got any problem. I avoided to specify it was on a self IP he tried to access his BIG-IP.


    I will tell him it's unsecure to access the management through a production IP.


  • We access our APM while connected through a network connection without any issue, to me it sounds like a routing issue or a firewall issue, the management interface will have a different IP address to the traffic interface (and I would hope the IP range you are assigning to clients) so as long as you can prove there is a valid path (on 443) to the management interface there shouldn't be an issue.