Bug ID 562959: In some error scenarios, IPsec might send packets not intended for the IPsec over the tunnel.

Last Modified: Oct 01, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP LTM(all modules)

Known Affected Versions:
11.5.1, 11.5.1 HF1, 11.5.1 HF10, 11.5.1 HF11, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 12.0.0, 12.0.0 HF1, 12.0.0 HF2, 12.0.0 HF3, 12.0.0 HF4

Fixed In:
11.6.1, 11.5.4 HF3

Opened: Dec 15, 2015
Severity: 2-Critical
Related AskF5 Article:
K37138515

Symptoms

In some error scenarios, IPsec might send packets not intended for the IPsec over the tunnel.

Impact

Tmm restart without core due to internal connection timeout.

Conditions

This occurs when there is some issue processing the packet going through IPsec tunnel.

Workaround

None.

Fix Information

IPsec now only sends packets intended for IPsec over the tunnel.

Behavior Change