Bug ID 452689: Tunnels built over IPsec tunnel interface does not work

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP All(all modules)

Known Affected Versions:
10.2.4, 11.0.0, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.10

Fixed In:
11.6.0, 11.5.2

Opened: Mar 18, 2014

Severity: 3-Major

Related Article: K16093


If the IPsec tunnel interface is used to construct another tunnel, such as IPIP, GRE tunnels, the innermost tunnel traffic cannot be passed through the IPsec tunnel interface.


Traffic does not pass as expected.


The self-IP of the IPsec tunnel interface is used as the local-address of other tunnel types.



Fix Information

Constructing such as IPIP, GRE tunnels using the IPsec tunnel interface now passes traffic as expected.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips