Last Modified: May 14, 2019
See more info
Known Affected Versions:
11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2
13.0.0, 12.1.2 HF1, 11.6.1
Opened: Dec 14, 2015
Related AskF5 Article: K32111020
Certain url connections with 'local-port' option fail sometimes over IPsec tunnels when connection.vlankeyed db variable is disabled with 'curl: (7) couldn't connect to host' error.
TCP connections do not complete the three way handshake and traffic does not pass.
Using curl command with'--local-port' option causes the connections to fail on the BIG-IP system.
Disabling 'cmp' option in virtual server secures the traffic over IPsec tunnels.
Using curl command with'--local-port' option no longer causes the connections to fail on the BIG-IP system.