Bug ID 975093: Dynamic template HA: Missing ike/ipsec-sa's are seen on standby BIG-IP when dynamic tunnels are initiated

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP TMOS(all modules)

Fixed In:
16.1.0

Opened: Dec 18, 2020

Severity: 2-Critical

Symptoms

IPsec SA's are missing when traffic was stopped and started again.

Impact

IPSEC SA's are not propagated to the standby device.

Conditions

-- IPSEC dynamic templates configured -- IPSEC traffic is started, stopped, and started again

Workaround

None

Fix Information

HA-Template : Missing IKE SA's on standby when tunnels are deleted and recreated, issue related to buffer length.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips