Bug ID 980117

Bug Tracker
ID 980117

Bug ID 980117: Dynamic template HA: Missing ike-sa's are seen on standby BIG-IP when Initiator is placed behind NAT

Last Modified: Apr 28, 2025

Affected Product(s):
BIG-IP TMOS(all modules)

Fixed In:
16.1.0

Opened: Jan 07, 2021

Severity: 2-Critical

Symptoms

Missing ike-sa's are seen on standby BIG-IP when Initiator is placed behind NAT

Impact

IKE-SA's are not propagated to the standby device.

Conditions

-- Initiator is behind a NAT. -- High availability (HA) pair between BIG-IP. -- Dynamic template configuration on BIG-IP and NAT traversal is 'ON'. -- IPsec tunnel client traffic

Workaround

None

Fix Information

None

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips