Load balancing ipsec passthrough traffic

Question

Hello 
I seen some questions regarding load balancing ipsec traffic through F5 LTM. The answer that were provided said it should work. The suggestion is to use a forwarding VS on the LTM.  With forwarding VS can load balancing be done as well? Tried to configure a forwarding VS but no option to define a pool of resources. In our case we have &nbsp;
VPN clients ------internet------&gt;Our firewall-----&gt; F5 HA LTM -----------&gt; two windows 2012 ipsec RAS server. 
should this be possible or would it only work with one 2012 ipsec RAS server? If so what sort of LTM VS should be setup and does it also need a forwarding VS with SNAT for return traffic?&nbsp;

rico · Answer

Forwarding Virtual Servers are designed to implement routing solutions through the F5. This is why it does not allow pools. The minimum configuration for a VS that allows load balancing would be a Performance L4 VS. This allows all TCP traffic to be load balanced but can be configured to simply pass through all the data and not parse it.&nbsp;
If you configure a performance L4 VS with a fastL4 profile and the HTTP profile set to None, I believe your issue will be solved. &nbsp;
If you have any more questions, I am sure I can help.&nbsp;

Forum Discussion

Load balancing ipsec passthrough traffic

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Passthrough IPSec with AFM

fellow traffic

Re: NGINX for Azure: Load Balancing

Deploying F5 BIG-IP with Azure Cross-region load balancer

Lightboard Lessons: Local Traffic Manager Load Balancing Algorithms