Bug ID 1588841

Bug Tracker
ID 1588841

Bug ID 1588841: SA Delete is not send to other end

Last Modified: Oct 08, 2024

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
17.1.0, 17.1.0.1, 17.1.0.2, 17.1.0.3, 17.1.1, 17.1.1.1, 17.1.1.2, 17.1.1.3, 17.1.1.4

Opened: May 23, 2024

Severity: 3-Major

Symptoms

If an IPsec tunnel is deleted, the remote peer will not know about the deletion and invalid Security Associations (SAs) will remain valid.

Impact

Multiple SAs will be present on remote peer for some time.

Conditions

- Create IPsec interface mode tunnel. - Establish tunnel. - Change the configuration so that tunnel will be recreated. - Check on remote peer. SAs is not deleted immediately.

Workaround

The old SAs can be manually deleted on the peer device.

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips