Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP All
Known Affected Versions:
11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3, 12.1.0 HF1, 12.1.0 HF2, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2
Fixed In:
12.0.0
Opened: Mar 09, 2015 Severity: 3-Major Related Article:
K45148021
IKE/IPsec SAs come up fine. but traffic does not pass.
Traffic does not pass, and the system posts an ICMP error message.
Configure ipsec-policy with an incorrect remote IP address.
Correct the remote IP address in the ipsec-policy configuration.
When the responder side ipsec-policy remote IP address is configured with wrong IP address, tunnel negotiation now fails, which is correct behavior.