What is port lockdown?

Question

Hi I am setting up F5 VE, and I meet "Port Lockdown" when setting up utility, external vlan interface for floating ip. What is port lockdown? how to configure it? Thank you&nbsp;

crodriguez · Answer

Port Lockdown controls what types of connections will be allowed to the self IP based on protocol and port. You can find a great overview of Port Lockdown behavior here, along with recommendations on how best to use this feature.

wesleyjack · Answer

eesun,&nbsp;
F5 publishes a K article describing this in great detail.  https://support.f5.com/csp/article/K17333&nbsp;
In short, it is a security feature associated with self-IPs that allows you to control what ports and protocols are permitted.  I do not know your specific scenario, but a self-IP associated with an external VLAN would probably not be something you would want to set up with a port lockdown of say "allow-default" as that would expose TMUI management.  You may want to set something like that to "allow none" or customize the ports allowed.  For example, if you are using GTM/DNS and you need the GTM/DNS iQuery functionality to your self-IP on VLAN external, then you would use "allow custom" to specify ports and protocols to allow.  I hope this helps!&nbsp;

Forum Discussion

What is port lockdown?

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Ps Self Ip Port Lockdown

iControl 101 - #20 - Port Lockdown

Post of the Week: Port Lockdown

"Port lockdown" option for SNAT pool addresses?

Multiple Port Load Balancing