1.2.5.12. Test the New Firewall Rules¶

Once again you will generate traffic through the BIG-IP AFM and then view the AFM (firewall) logs.

• Ping 10.30.0.50
• Open a new Web browser and access http://10.30.0.50
• Open a new Web browser and access http://10.30.0.50:8081
• SSH to 10.30.0.50 using Web Server shortcut on desktop

In the Configuration Utility, open the Security > Event Logs > Network > Firewall page.

Access for port 80 on 10.30.0.50 was granted using the web_rule_list: allow_http rule.

Access for port 80 on 10.40.0.50 was granted using the application_rule_list: allow_http rule.

Ping to 10.30.0.50 was granted using the global rule.

All other traffic was rejected by the rd_0_policy reject_10_20_0_0 reject rule