Test the New Firewall Rules
---------------------------

Once again you will generate traffic through the BIG-IP AFM and then
view the AFM (firewall) logs.

-  Ping 10.1.20.11

-  Open a new Web browser and access http://10.1.20.11

-  Open a new Web browser and access http://10.1.20.11:8081

-  Open a new Web browser and access https://10.1.20.12 (site cant be reached)

-  Next open Putty Application on the Desktop, select Lamp Server-10.1.20.12.
   login as: type in **f5** and **<Enter>**



In the Configuration Utility, open the **Security > Event Logs > Network
> Firewall** page.

Inspect for the expected log entries

During this lab we have used Rules/Rule Lists applied to global and Route Domain objects. 
This is typical in a "Data Center" firewall implemntation where BIG-IP is positioned as a 
standalone firewall. 

The BIG-IP Firewall module can also be used on a BIG-IP configured as an Application 
Delivery Controller/Load Balancer. For these environments additional granularity and 
East - West traffic control can be implemented by applying Ruls/Rule Lists to specific
Virtual Servers or Self-IP's

.. |image31| image:: /_static/class1/image32.png
   :width: 6.5in
   :height: 0.5in
.. |image32| image:: /_static/class1/image32.png
   :width: 6.5in
   :height: 0.5in
.. |image33| image:: /_static/class1/image33.png
   :width: 6.5in
.. |image34| image:: /_static/class1/image34.png
   :width: 6.49097in
   :height: 0.59236in