Bug ID 678388: IKEv1 racoon daemon is not restarted when killed multiple times

Last Modified: Nov 07, 2022

Affected Product(s):
BIG-IP TMOS(all modules)

Known Affected Versions:
12.1.0, 12.1.0 HF1, 12.1.0 HF2, 12.1.1, 12.1.1 HF1, 12.1.1 HF2, 12.1.2, 12.1.2 HF1, 12.1.2 HF2, 12.1.3,,,,,, 13.0.0, 13.0.0 HF1, 13.0.0 HF2, 13.0.0 HF3, 13.0.1, 13.1.0,,,,,,,,, 13.1.1

Fixed In:

Opened: Aug 14, 2017

Severity: 4-Minor

Related Article: K00050055


IPsec IKEv1 tunnels will fail and stay down indefinitely if the IKEv1 racoon daemon crashes. racoon does not get restarted by tmipsecd. This can occur if racoon has crashed more than once beforehand.


IPsec IKEv1 tunnels cannot be established because the racoon daemon is dead. The user will receive no CLI or web UI clues to indicate that racoon is dead. Attempts to reconfigure IPsec while racoon is dead will not resolve the problem.


The IPsec IKEv1 racoon daemon crashes, or is killed manually, multiple times.


Run the following command to restart the IPsec IKEv1 racoon and tmipsecd daemons at the same time: tmsh restart sys service tmipsecd

Fix Information

Fixed tmipsecd so it correctly tracks whether the IKEv1 racoon daemon is still running or needs a restart. This also covers odd timing, such as killing racoon right after it starts.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips