Last Modified: Sep 13, 2023
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.6.0
Fixed In:
13.0.0, 12.1.2 HF1, 11.6.1
Opened: Dec 14, 2015 Severity: 3-Major Related Article:
K32111020
Certain url connections with 'local-port' option fail sometimes over IPsec tunnels when connection.vlankeyed db variable is disabled with 'curl: (7) couldn't connect to host' error.
TCP connections do not complete the three way handshake and traffic does not pass.
Using curl command with'--local-port' option causes the connections to fail on the BIG-IP system.
Disabling 'cmp' option in virtual server secures the traffic over IPsec tunnels.
Using curl command with'--local-port' option no longer causes the connections to fail on the BIG-IP system.