Forum Discussion
BIG-IP Sourced Traffic Over IPSec
In your config there should be a VLAN associated with the tunnel and you should have a self-IP associated with it. For example, let's assume you have a VLAN named TUNNEL_VLAN and you have an address range of 172.16.1.0/30 and have assigned 172.16.1.1 to the BIG-IP you are logged in as and you have assigned 172.16.1.2 to the remote end. The traffic selector you have configured at least encompasses that range:
net ipsec traffic-selector selector-vpn-a5294dfd-0 {
destination-address 172.16.1.0/30
ipsec-policy ipsec-policy-vpn-a5294dfd-0
partition LOCAL_ONLY
source-address 172.16.1.0/30
}
And assuming the rest of your BIG-IP VPN config looks correct (this is an example of a BIG-IP in AWS setting up an IPsec tunnel), and you are allowing ICMP on your self-IPs.
net ipsec ike-peer peer-vpn-a5294dfd-0 {
lifetime 480
nat-traversal on
phase1-auth-method pre-shared-key
phase1-encrypt-algorithm aes128
preshared-key-encrypted $M$uF$m+crQ1tis.....
remote-address X.X.X.X
version { v1 }
}
net ipsec ipsec-policy ipsec-policy-vpn-a5294dfd-0 {
ike-phase2-auth-algorithm sha1
ike-phase2-encrypt-algorithm aes128
ike-phase2-lifetime 60
ike-phase2-perfect-forward-secrecy modp1024
mode interface
partition LOCAL_ONLY
}
Then the following command should put traffic from your BIG-IP onto the tunnel matching the selector -
ping -I TUNNEL_VLAN 172.16.1.2
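As an added example (not part of the answer above, and not F5 code), the following script checks the one condition the answer hinges on: that the local self-IP and the remote end both fall inside the traffic selector's source and destination prefixes, so that a packet sourced from the BIG-IP actually matches the selector. The selector text and the two addresses are the constructed values from the answer (172.16.1.1 local, 172.16.1.2 remote).

```python
import ipaddress
import re

# Constructed sample: the traffic-selector block from the answer above.
SELECTOR_CONFIG = """
net ipsec traffic-selector selector-vpn-a5294dfd-0 {
    destination-address 172.16.1.0/30
    ipsec-policy ipsec-policy-vpn-a5294dfd-0
    partition LOCAL_ONLY
    source-address 172.16.1.0/30
}
"""


def parse_selector(text):
    """Pull the address prefixes and policy name out of a tmsh
    traffic-selector block (one 'key value' pair per line)."""
    fields = {}
    for key in ("source-address", "destination-address", "ipsec-policy"):
        m = re.search(r"^\s*%s\s+(\S+)" % re.escape(key), text, re.M)
        if m:
            fields[key] = m.group(1)
    return fields


def selector_covers(selector_text, local_ip, remote_ip):
    """Return (ok, reasons). ok is True only when local_ip lies inside the
    selector's source-address prefix and remote_ip inside its
    destination-address prefix; otherwise reasons lists each mismatch.
    A packet that misses either prefix is not put on the tunnel."""
    f = parse_selector(selector_text)
    src = ipaddress.ip_network(f["source-address"], strict=False)
    dst = ipaddress.ip_network(f["destination-address"], strict=False)
    local = ipaddress.ip_address(local_ip)
    remote = ipaddress.ip_address(remote_ip)
    reasons = []
    if local not in src:
        reasons.append("local self-IP %s is outside source-address %s" % (local, src))
    if remote not in dst:
        reasons.append("remote %s is outside destination-address %s" % (remote, dst))
    if local == remote:
        reasons.append("local and remote addresses are identical")
    return (not reasons, reasons)


if __name__ == "__main__":
    ok, why = selector_covers(SELECTOR_CONFIG, "172.16.1.1", "172.16.1.2")
    print("selector matches" if ok else "; ".join(why))
```

Run it with your own selector block and addresses before reaching for ping; a mismatch here explains why nothing appears on the tunnel without touching the IKE configuration.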