Last Modified: Nov 07, 2022
Affected Product(s):
BIG-IP All
Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3, 12.1.3.1, 12.1.3.2, 12.1.3.3, 12.1.3.4, 12.1.3.5, 12.1.3.6, 12.1.3.7, 12.1.4, 12.1.4.1, 12.1.5, 12.1.5.1, 12.1.5.2, 12.1.5.3, 12.1.6, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1
Fixed In:
13.1.0
Opened: Dec 16, 2016 Severity: 2-Critical Related Article:
K33241169
Disabling an IKE peer using a checkbox in the GUI has no effect, and traffic continues.
IKE peer does not get disabled as expected, so new connections may be established. Traffic continues when the ike-peers have been disabled.
This is encountered when disabling IKE peers in the GUI.
Although it is not possible to disable the peer, you can still delete it.
You can now disable a peer without having to totally delete it. When a peer is disabled, no new connection will be allowed. Basically a disabled peer is treated as not existing, as if you had deleted it instead, but you can enable it without having to add it, as you would if it actually had been deleted.