Manual Chapter: Address and Port Lists

Applies To:

BIG-IP AFM

  • 14.1.3, 14.1.2, 14.1.0

About AFM address and port lists

AFM Network Firewall uses Address and Port lists to collect multiple IP addresses and service ports in single configuration objects. Firewall policies are then configured to reference the appropriate address and port list. While you can create firewall policies that contain many individual IP address and service port entries, F5 recommends creating and associating address and port lists with your firewall policies to simplify administration.
  • Address lists - a configuration object containing multiple IP addresses.
  • Port lists - a configuration object containing multiple service ports.
Your firewall policy workflow should begin with creating address and port lists.

Creating an address list

You can create an address list containing IP addresses, fully qualified domain names or geographic locations. The address list will be used later when modifying or creating a new rule list.
  1. On the Main tab, click Shared Objects > Address Lists.
  2. Click Create.
  3. In the Name and Description fields, type a name and description.
  4. In the Addresses field, type an IPv4 or IPv6 IP address, a fully qualified domain name or a geographical location.
  5. Click Add.
  6. Repeat steps 4 and 5 to continue adding Addresses to the Address List.
  7. Click Finish, or Repeat to create another shared Address List.
The new address list appears in the Address Lists area.
Next, you can create a port list to allow or deny specific application services.

Creating a port list

You can create a port list that contains one or more service ports. The new port list can be referenced later when modifying or creating a rule list.
  1. On the Main tab, click Shared Objects > Port Lists.
  2. Click Create.
  3. In the Name and Description fields, type a name and optional description.
  4. In the Ports field, type the service port number. For example, 22 for the SSH service.
  5. Click the Add button.
  6. Repeat steps 4 and 5 to continue adding Ports to the Port List.
  7. Click Finished, or Repeat to create another shared Port List.
The new port list appears in the Port Lists area.
Next, you can create a firewall schedule to enable firewall rules during certain hours of the day or days of the week.
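
A pre-check for the entries you plan to type into the Addresses and Ports fields in the two procedures above, as an added example (not F5 code and not part of the original manual). The function names and sample values are assumptions; anything that is neither an IP address nor an FQDN is only flagged for manual confirmation as a geographic location, and ports are checked against the 1-65535 range.

```python
import ipaddress
import re

# Constructed sample input; the values are illustrative, not taken from the manual.
SAMPLE_ADDRESSES = ["10.1.20.0/24", "10.1.20.15", "2001:db8::10", "app.example.com", "10.1.20.15", "0.0.0.0/0", "US"]
SAMPLE_PORTS = ["22", "443", "22", "70000", "ssh"]

# Dotted hostname with an alphabetic top-level label; bare words do not match.
_FQDN = re.compile(r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)

def classify_address(entry):
    """Return 'ipv4', 'ipv6', 'fqdn' or 'other' (e.g. a geographic location)."""
    try:
        return "ipv%d" % ipaddress.ip_network(entry.strip(), strict=False).version
    except ValueError:
        return "fqdn" if _FQDN.match(entry.strip()) else "other"

def review_addresses(entries):
    """Return (entry, reason) findings for a planned address list."""
    findings, nets = [], []
    for e in entries:
        kind = classify_address(e)
        if kind == "other":
            findings.append((e, "not an IP or FQDN: confirm it is a geographic location"))
        elif kind != "fqdn":
            nets.append((e, ipaddress.ip_network(e.strip(), strict=False)))
    kept = []
    for e, net in sorted(nets, key=lambda p: p[1].prefixlen):  # broadest networks first
        if net.prefixlen == 0:
            findings.append((e, "catch-all: matches every address"))
        elif net in kept:
            findings.append((e, "duplicate"))
        else:
            cover = next((k for k in kept if k.version == net.version and net.subnet_of(k)), None)
            if cover is not None:
                findings.append((e, "already covered by %s" % cover))
            kept.append(net)
    return findings

def review_ports(entries):
    """Return (entry, reason) findings for a planned port list."""
    findings, seen = [], set()
    for e in entries:
        if not e.strip().isdecimal() or not 1 <= int(e) <= 65535:
            findings.append((e, "not a valid service port (1-65535)"))
        elif int(e) in seen:
            findings.append((e, "duplicate"))
        else:
            seen.add(int(e))
    return findings
```

A catch-all or redundant entry in a shared list affects every rule that references the list, so it is worth reviewing the findings before the list is created.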