Last Modified: Feb 03, 2026
Affected Product(s):
BIG-IP TMOS
Known Affected Versions:
21.0.0, 21.0.0.1
Opened: Jan 28, 2026 Severity: 3-Major
- Configuration reapplication fails with the error: 01070712:3: Cannot get device index for <tunnel_name> in <route_domain_name> - ioctl failed: No such device - IPsec tunnel configuration deployment fails in BIG-IP v21.0. - Tunnel object is present in MCPD, but the corresponding Linux tunnel tap device is missing. - HA configuration synchronization fails or remains out of sync. - This may affect other config objects like that need to setup tuntap devices on the linux host, but the problem has only been observed for IPsec.
Application and IPsec tunnel configuration deployment fails. HA synchronization cannot complete successfully, leaving devices out of sync.
- BIG-IP version 21.0.x. - IPsec tunnel configured within a non-default route domain (e.g., RD 31). - Associated objects (self IPs, route domains, IPsec policies, traffic selectors, tunnels) are present in MCPD. - HA environment with configuration synchronization enabled between peers. - Repeated configurations add/delete operations or automation-driven deployments.
It is possible to create the missing tuntap device on the linux host. # rdexec <route_domain_id> ip tuntap add <tunnel_name> mode tap It is unsafe to let this placeholder interface stay in place, so delete the config object via tmsh, web UI, etc. Then deploy the desired config again to create the tunnel object.
None