Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP TMOS
Fixed In:
16.1.0, 15.1.4.1
Opened: Apr 08, 2021 Severity: 3-Major
A tmsh command which shows ipsec-sa instances can display the 32-bit SPI more than once for the same security association (SA) but in different tmm instances.
The duplicate SPI displayed is a cosmetic effect only.
Especially in the context of failover where Standby becomes Active, sometimes the same SA appears more than once when shown by a tmsh command, but in different tmms.
None
Fixed an issue with duplicate SA reporting when using the tmsh show net ipsec ipsec-sa command.