BugZero | F5 BugID 1126561 - Connections over IPsec fail when hardware accelera...

F5 - Defect ID: 1126561

Connections over IPsec fail when hardware acceleration in fastl4 is enabled

F5 - Defect ID: 1126561

Connections over IPsec fail when hardware acceleration in fastl4 is enabled

Last updated on 3/21/2025

Overall: 6.76.7

Severity: 7.37.3

Community: 4.14.1

Lifecycle: 6.46.4

What is the BugZero Risk Score?

Vendor details

Priority: 3-Major
Status: New
Impact Category: TMOS

Overall: 6.76.7

Severity: 7.37.3

Community: 4.14.1

Lifecycle: 6.46.4

What is the BugZero Risk Score?

Vendor details

Priority: 3-Major
Status: New
Impact Category: TMOS

Symptoms

Connection setup fails through IPsec tunnel.

Impact

Connections through the IPsec tunnel do not work.

Conditions

- rSeries and VELOS platform. - PVA acceleration is enabled in the fastL4 profile of the IPsec virtual on the responder BIG-IP.

Workaround

Disable PVA acceleration in the relevant fastL4 profile. PVA acceleration cannot be performed on flows going into or coming out of IPsec. This workaround returns the functionality as it was designed. F5 recommends creating Virtual Servers to specifically catch flows that go over IPsec tunnels. If a generic Virtual Server uses a fastL4 profile with acceleration disabled, then non-IPsec flows that could be accelerated will not be.

Fix Information

None

Original Vendor Announcement

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

OPERATIONAL DEFECT DATABASE

F5 - Defect ID: 1126561

Connections over IPsec fail when hardware acceleration in fastl4 is enabled

F5 - Defect ID: 1126561

Connections over IPsec fail when hardware acceleration in fastl4 is enabled

Last updated on 3/21/2025

Vendor details

Vendor details

Description

Symptoms

Impact

Conditions

Workaround

Fix Information

Links

Top F5 defects by risk score

Ready to prevent the next vendor outage?