Bug ID 1085925

Bug Tracker
ID 1085925

Bug ID 1085925: SSH connection cannot be allowed/blocked based on source IP address

Last Modified: Jun 04, 2025

Affected Product(s):
F5OS Velos(all modules)

Fixed In:
F5OS-C 1.6.0, F5OS-A 1.4.0, F5OS-A 1.3.0

Opened: Mar 10, 2022

Severity: 2-Critical

Symptoms

There is no command in F5OS-A or F5OS-C that can be used to allow SSH connection only from specific (or range) IP addresses. SSH connections are allowed from all source IP addresses.

Impact

Malicious users might be able to connect (SSH) to F5OS-A or F5OS-C device.

Conditions

F5 rSeries or VELOS platform

Workaround

None

Fix Information

The existing command "system allowed-ips allowed-ip ..." is enhanced to support SSH. The command can be used to specify source IP addresses that can establish SSH connection.

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips