AltostratusHi Guys,a quick question. I have syslog set up on UDP 514 and I see the syslog traffic via one of my self ip's and I am wondering how is that possible. Because syslog traffic should flow via management right ? and I have a port lock down on Self IP's and UDP 514 is not allowed too.
So just wondering, how this is working ? Pls help me clarify this.
CirrostratusHello,
I think you are confusing with the Port Lock Down.
This feature is applied on listenning ports for each self ip.
By definition the "Port lockdown is a BIG-IP security feature that allows you to specify particular protocols and services from which the self IP address defined on the BIG-IP system can accept traffic"
When you send syslog, the self-ip connects to the remote server on port 514 UDP.
Reference : https://support.f5.com/csp/article/K17333
Hope it helps
Regards