Forum Discussion

Nimbostratus

Apr 27, 2018

ipsec

Hello everybody, I have an architecture with 24 IPSEC servers behind a BigIP 2000 cluster. Customers are mobile phones configured with a public address as an IPSEC termination. Each pu...

MVP

Apr 28, 2018

from what i understand you want to load balance IPsec through the BIG-IP

first of all make sure you disable the F5 looking at the ipsec traffic, else it will fail

https://support.f5.com/csp/article/K14169

it suggests L4 which i would keep on any service, so you don't have to worry about difference between 4500 and 500 and ESP protocol

for persistence you need to look at the options

if IP source based persistence isnt possible due to change client IP you need to find something else.

it might be you just get different tunnels every time

https://devcentral.f5.com/questions/load-balancing-vpn-connection

Forum Discussion

ipsec

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Understanding IPSec IKEv2 negotiation on Wireshark

Understanding IPSec IKEv1 negotiation on Wireshark

Passthrough IPSec with AFM

Bgp inside ipsec tunnel

BIG-IP to Azure Dynamic IPsec Tunneling