0

In an F5 bigIP LTM with sw version 11.4.1, is it possible to have multiple sources addresses for a virtual server?

The objective is to limit the number of sources from where the virtual server can be reached. This virtual server balances an ftp server which will only be used from a few remote ip addresses and I want to prohibit other ip addresses to try to login to this server.

Hannes
  • 135
  • 1
  • 3
  • 17
  • 1
    OK, at this point, I would suggest googling around or reading the firewall manual for the loadbalancer. It apparently (according to its advertising at least) comes with a pretty good firewall. But I would definitely advise blocking at the hardware firewall level, not at the Apache level. –  Oct 29 '14 at 16:07

1 Answers1

3

You can create an ACL iRule, documentation here: https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-datacenter-firewall-config-11-1-0/5.html

The list of allowed IPs may be separated to an object called a data group and then used in the iRule.

Wanted
  • 281
  • 1
  • 5