Port Lockdown controls which ports and protocols a Self IP will respond to.
The Allow Default setting permits only a predefined set of BIG-IP internal and required service ports.
The Allow Default list includes:
TCP 443 → HTTPS (Management/TMUI access via Self-IP)
TCP 4353 → CMI (device sync)
TCP/UDP ports related to HA communication
Other essential internal F5 ports
Why TCP 443 is correct:
It is one of the officially allowed ports under Allow Default.
It enables HTTPS/TMUI access through a Self IP.
Why the other options are incorrect:
A. TCP 80 (HTTP)
Not allowed under Allow Default
HTTP via Self-IP is blocked unless the port is added under Allow Custom
B. UDP 8443
Not an F5 default service
Not part of the Allow Default ports