Manual Chapter : Managing Self IPs in Shared Security

Applies To:

BIG-IQ Security

  • 4.5.0

About self IPs

On BIG-IP devices, network objects such as virtual servers, self IP addresses, the management IP, route domains, and the global firewall, all have firewalls attached to them. On BIG-IQ systems, an instance of one of these network objects is called a firewall context.

Using a BIG-IQ Security system, you can discover all firewall contexts currently on a BIG-IP device, and edit the firewall rules and/or policies attached to those firewall contexts.

From the Shared Security Self IPs panel, you can also create, configure, and delete a self IP address firewall context, and then push that configured network object to a targeted BIG-IP device. Where self IP addresses are used primarily for security purposes, this gives security administrators a centralized, remote way to quickly create additional listeners (that is, firewall contexts).

Self IP addresses have many configuration options. BIG-IQ Security exposes only the subset needed for basic security-centric use cases.

To close the panel without making any changes, click Cancel.

To get help on any panel, click the (?) icon in the upper right corner.

Adding Self IP addresses

Within Shared Security, hover over the Self IPs header and click the + icon when it appears, and click New Self IP. The panel expands to display the New Self IP properties screen.

Editing Self IPs

Hover over the name of the self IP address you want to edit, click the gear icon when it appears, and select Properties to expand the panel.

Adding self IP addresses

Use the New Self IP screen to configure a new self IP address.

Adding self IP addresses

  1. Hover over the Self IPs header, click the + icon when it appears, and click New Self IP. The panel expands to display the New Self IP properties.
  2. In the New Self IP screen, modify the properties of the new self IP address as appropriate.
    Device: From the list, select a discovered BIG-IP device. If multiple devices have been discovered, the default is the one discovered first.
    Name: Type the name of the self IP address definition.
    Description: Type an (optional) description for the self IP address.
    Partition: Type the partition or path to which the self IP address belongs. Only users with access to a partition can view the objects (such as the self IP address) that it contains. If the self IP address resides in the Common partition, all users can access it.
    Note: Although this field is pre-populated with Common (the default), you can set the partition by typing its name. A partition with that name must already exist on the BIG-IP device; if it does not, deployment will fail. No whitespace is allowed in the partition name.
    IP Address/Prefix: Type the IP address of the self IP, including the prefix length.
    VLAN/Tunnel: Select the VLAN associated with this self IP address. The choices are defined on the BIG-IP device; the default is internal.
    Port Lockdown: Specify the protocols and services on which the self IP address accepts traffic. Fewer active protocols and services means a smaller attack surface for the self IP address and its associated VLANs. Options are:
    • Allow Default: Activates only the default protocols and services. To see which protocols and services these are, run tmsh list net self-allow defaults on the BIG-IP command line.
    • Allow All: Activates all TCP and UDP services on this self IP address.
    • Allow None: The self IP address accepts no traffic. If you are using this self IP address as the local endpoint for WAN optimization, select this option to avoid potential port conflicts. This is the default.
    • Allow Custom: Activates only the custom protocols and services you select for this self IP address in the expanded custom list.
    • Allow Custom (include Default): Activates the default protocols and services as well as the custom protocols and services you select for this self IP address in the expanded custom list.
    Floating: Specifies whether the self IP is floating. This is determined by the value of the Traffic Group property.
    Traffic Group: Specifies the traffic group to associate with the self IP. Whether the self IP address can inherit the traffic group is set on the BIG-IP device and is read-only on the BIG-IQ system.
  3. When you are finished, click Add to create the new self IP address.

Editing self IP addresses

Use the Self IPs Properties screen to edit the properties of a self IP address.

Editing self IPs

From the Self IPs panel, you can edit self IP address properties.

  1. Hover over the self IP address that you want to edit, click the gear icon, and select Properties to expand the panel.
  2. Click Edit to establish the lock and make it possible to edit the values on the property page.
  3. Edit the properties. Not all properties can be modified.
    Device: From the list, select a discovered BIG-IP device. If multiple devices have been discovered, the default is the one discovered first.
    Name: Type the name of the self IP address definition.
    Description: Type an (optional) description for the self IP address.
    Partition: Type the partition or path to which the self IP address belongs. Only users with access to a partition can view the objects (such as the self IP address) that it contains. If the self IP address resides in the Common partition, all users can access it.
    Note: Although this field is pre-populated with Common (the default), you can set the partition by typing its name. A partition with that name must already exist on the BIG-IP device; if it does not, deployment will fail. No whitespace is allowed in the partition name.
    IP Address/Prefix: Type the IP address of the self IP, including the prefix length.
    VLAN/Tunnel: Select the VLAN associated with this self IP address. The choices are defined on the BIG-IP device; the default is internal.
    Port Lockdown: Specify the protocols and services on which the self IP address accepts traffic. Fewer active protocols and services means a smaller attack surface for the self IP address and its associated VLANs. Options are:
    • Allow Default: Activates only the default protocols and services. To see which protocols and services these are, run tmsh list net self-allow defaults on the BIG-IP command line.
    • Allow All: Activates all TCP and UDP services on this self IP address.
    • Allow None: The self IP address accepts no traffic. If you are using this self IP address as the local endpoint for WAN optimization, select this option to avoid potential port conflicts. This is the default.
    • Allow Custom: Activates only the custom protocols and services you select for this self IP address in the expanded custom list.
    • Allow Custom (include Default): Activates the default protocols and services as well as the custom protocols and services you select for this self IP address in the expanded custom list.
    Floating: Specifies whether the self IP is floating. This is determined by the value of the Traffic Group property.
    Traffic Group: Specifies the traffic group to associate with the self IP. Whether the self IP address can inherit the traffic group is set on the BIG-IP device and is read-only on the BIG-IQ system.
  4. Click Save to save your changes as you go.
  5. When finished, click Save and Close to save changes, release the lock, and exit the screen.
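The Port Lockdown setting described in both procedures above is the attack-surface control on a self IP, so a defender typically wants to audit what is actually deployed rather than trust the value chosen in the form. The following is an added example, not part of F5's documentation or the BIG-IQ product: it parses a constructed sample in the shape of tmsh `list net self` output (the exact formatting is an assumption, not captured from a device), maps each self IP's allow-service to the Port Lockdown options named on this page, derives the Floating flag from the traffic group as the text describes, and flags Allow All or custom services outside a hypothetical allow-list.

```python
import re

# Constructed sample shaped like `tmsh list net self` output; not captured from a real
# device, and the layout is an assumption about tmsh formatting.
SAMPLE_TMSH_OUTPUT = """\
net self /Common/internal_self {
    address 10.0.1.5/24
    allow-service {
        default
    }
    traffic-group /Common/traffic-group-local-only
    vlan /Common/internal
}
net self /Common/external_self {
    address 192.0.2.10/24
    allow-service all
    traffic-group /Common/traffic-group-1
    vlan /Common/external
}
net self /Common/ha_self {
    address 10.0.2.5/24
    allow-service {
        tcp:22
        udp:1026
        tcp:8080
    }
    traffic-group /Common/traffic-group-local-only
    vlan /Common/ha
}
net self /Common/locked_self {
    address 10.0.3.5/24
    allow-service none
    traffic-group /Common/traffic-group-local-only
    vlan /Common/internal
}
"""

# Hypothetical allow-list of custom services an operator has approved (e.g. for HA/config sync).
APPROVED_CUSTOM_SERVICES = {"tcp:22", "udp:1026"}

STANZA_RE = re.compile(r"^net self (\S+) \{\n(.*?)^\}", re.S | re.M)
ALLOW_RE = re.compile(r"allow-service\s+(?:\{(.*?)\}|(\S+))", re.S)


def _field(body, key):
    """Return the value of a single-line `key value` property inside a stanza, or None."""
    m = re.search(rf"^\s*{re.escape(key)} (\S+)", body, re.M)
    return m.group(1) if m else None


def parse_self_ips(text):
    """Parse each `net self` stanza into a dict with name, address, vlan, mode, services, floating."""
    entries = []
    for stanza in STANZA_RE.finditer(text):
        name, body = stanza.group(1), stanza.group(2)
        services = set()
        m = ALLOW_RE.search(body)
        if m is None:
            mode = "unspecified"          # assumption: absent line means "review by hand"
        elif m.group(1) is not None:      # brace block: default and/or custom services
            tokens = set(m.group(1).split())
            services = tokens - {"default"}
            if not services:
                mode = "default"          # Allow Default
            elif "default" in tokens:
                mode = "custom+default"   # Allow Custom (include Default)
            else:
                mode = "custom"           # Allow Custom
        else:
            mode = m.group(2)             # "all" (Allow All) or "none" (Allow None)
        traffic_group = _field(body, "traffic-group")
        # A self IP is floating unless it belongs to traffic-group-local-only.
        floating = traffic_group is not None and not traffic_group.endswith("traffic-group-local-only")
        entries.append({
            "name": name,
            "address": _field(body, "address"),
            "vlan": _field(body, "vlan"),
            "mode": mode,
            "services": services,
            "floating": floating,
        })
    return entries


def audit(entries, approved=APPROVED_CUSTOM_SERVICES):
    """Return (name, severity, reason) findings for self IPs whose lockdown is wider than approved."""
    findings = []
    for e in entries:
        if e["mode"] == "all":
            findings.append((e["name"], "HIGH", "Port Lockdown is Allow All; every TCP/UDP service is reachable"))
        elif e["mode"] in ("custom", "custom+default"):
            extra = sorted(e["services"] - approved)
            if extra:
                findings.append((e["name"], "MEDIUM", "custom services outside the approved list: " + ", ".join(extra)))
        elif e["mode"] == "unspecified":
            findings.append((e["name"], "INFO", "no allow-service line found; verify Port Lockdown manually"))
    return findings


if __name__ == "__main__":
    for name, severity, reason in audit(parse_self_ips(SAMPLE_TMSH_OUTPUT)):
        print(f"{severity:6} {name}: {reason}")
```

The audit deliberately treats Allow Default and Allow None as clean and only reports widening beyond the approved custom set, which mirrors the page's point that fewer active services is the safer state; swap the constructed sample for real tmsh output and the approved set for your own change-controlled list.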