Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0, 13.1.0.1, 13.1.0.2, 13.1.0.3, 13.1.0.4, 13.1.0.5, 13.1.0.6, 13.1.0.7, 13.1.0.8, 13.1.1
Fixed In:
14.0.0, 13.1.1.2, 12.1.3.6
Opened: Aug 19, 2017 Severity: 3-Major Related Article:
K44117473
The original racoon2 code has no support for DH generate or compute using elliptic curve algorithms for (perfect forward security). Additionally, the original interfaces are synchronous, but the only ECP support present uses API with async organization and callbacks, so adding ECP does not work.
Once the first child SA expires (or is deleted), the IKEv2 tunnel goes down when another SA cannot be negotiated.
Changing an ike-peer definition from the default phase1-perfect-forward-secrecy value of modp1024 to something using ECP: ecp256, ecp384, or ecp512. Note: The first child SA is negotiated successfully.
Use MODP for perfect-forward-secrecy instead of ECP.
Full support for ECP as PFS has now been added, so a new child-SA negotiated in a IKEV2EXCH_CREATE_CHILD_SA exchange works as expected for ecp256, ecp384, and ecp512.