Manual Chapter :
Managing Allowed Network Addresses under DoS Protection
Applies To:
Show Versions
BIG-IQ Centralized Management
- 8.3.0, 8.2.0, 8.1.0, 8.0.0
Managing Allowed Network Addresses under DoS Protection
Create network allowlist
You create network allowlists to
bypass checks in a DoS profile.
- Click.
- Click the name of the BIG-IP ®device on which to create the network allowlist.
- In theAllowlist Address Listsetting, select the IP address from which the packet is coming.
- ClickCreateto add a network allowlist.
- Type aNamefor the network allowlist, and an optionalDescriptionthat will be useful in your environment.
- In theProtocolsetting, leave the default value,Any, or select the appropriate network protocol.
- In theVLANsetting, leave the default value,Any, select the appropriate VLAN, or selectOtherand provide a VLAN tag number.
- For theAddress Typesetting, specify the type of addresses being handled:SourceorDestination.The properties available change based on your choice.
- In the Source areaAddresssetting, leave the default value,Any, or select the field to the right and provide the address.You can specify IPv4 or IPv6 addresses in CIDR notation as the address. You can specify a source address or destination address, but not both in the same allowlist entry.
- In the Destination areaAddresssetting, leave the default value,Any, or select the field to the right and provide the address.
- In the Destination areaPortsetting, leave the default value,Any, or select the appropriate port.The system provides the default port number value for each port type when theProtocolis set toTCPorUDP.
- When you are finished, clickOK.
- Save your changes.