F5 Firewall Solutions > [Archive1] AFM - The Data Center Firewall > Lab 1 – Advanced Firewall Manager (AFM) > Creating AFM Network Firewall Rules Source | Edit on

Test the New Firewall Rules¶

Once again you will generate traffic through the BIG-IP AFM and then view the AFM (firewall) logs.

Ping 10.1.20.11
Open a new Web browser and access http://10.1.20.11
Open a new Web browser and access http://10.1.20.11:8081
Open a new Web browser and access https://10.1.20.12 (site cant be reached)
Next open Putty Application on the Desktop, select Lamp Server-10.1.20.12. login as: type in f5 and <Enter>

In the Configuration Utility, open the Security > Event Logs > Network > Firewall page.

Inspect for the expected log entries

During this lab we have used Rules/Rule Lists applied to global and Route Domain objects. This is typical in a “Data Center” firewall implemntation where BIG-IP is positioned as a standalone firewall.

The BIG-IP Firewall module can also be used on a BIG-IP configured as an Application Delivery Controller/Load Balancer. For these environments additional granularity and East - West traffic control can be implemented by applying Ruls/Rule Lists to specific Virtual Servers or Self-IP’s

Previous Next