Forum Discussion

Bill_Chipman_10
Feb 07, 2015
Solved

Does anyone have 11.6 LTM doing IPsec with 3rd party device

We are trying to create an IPsec tunnel with 3 traffic selectors on one IKE peer. The tunnel will come up, however we aren't able to get any traffic flowing over the link. Traceroute shows that the connection is trying to go over the default route, rather than into the tunnel. F5 shows that the tunnel is active and receiving packets - just not sending any. We are using a secondary floating self-IP on the external network. 10.0.0.0/8 route to internal network. Remote network is 10.0.5.0/24.

 

  • My experience with BIG-IP for IPsec: it doesn't work properly. I tried a lot with Link Controller to terminate and to bypass IPsec traffic; nothing works, many technical cases with no progress.

     

19 Replies

  •
    Haitao_Huang_17
    Historic F5 Account

    I haven't tried with other vendors yet, but if you plan to pass a routing protocol through an IPsec tunnel, IPsec interface mode is needed.

     

    Traffic selector will be between IPSec interface (self IP). Other interesting traffic will flow through routing protocols instead of traffic selector.

     

    I got this working with IPSec interface, BGP, and two BIG-IP without issue.

     
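    The distinction in the reply above, between policy-based IPsec (traffic selectors decide what gets encrypted) and interface mode (the tunnel is a next hop chosen by ordinary route lookup), as an added illustration that is not part of the original thread and is not BIG-IP's implementation. It is a generic model in Python: the routing table, the three traffic selectors and all addresses are constructed for the example, with the 10.0.0.0/8 internal route and the 10.0.5.0/24 remote network borrowed from the question. It shows that in interface mode a more specific route pointing at the tunnel interface (the kind a routing protocol would install) wins over the /8 summary by longest-prefix match, and that without such a route the packet follows the existing routes regardless of any selector.

```python
from ipaddress import ip_address, ip_network

# Constructed routing table (not the poster's actual configuration):
# (prefix, egress). Longest prefix match wins.
ROUTES = [
    ("0.0.0.0/0", "default-gw"),    # default route out the external VLAN
    ("10.0.0.0/8", "internal-gw"),  # summary route to the internal network
]

# Policy-based mode: a packet is sent into the tunnel only when its
# (src, dst) pair matches one of the configured traffic selectors.
# Local networks are constructed documentation ranges (RFC 5737).
TRAFFIC_SELECTORS = [
    ("192.0.2.0/24", "10.0.5.0/24"),
    ("198.51.100.0/24", "10.0.5.0/24"),
    ("203.0.113.0/24", "10.0.5.0/24"),
]


def longest_prefix_match(dst, routes):
    """Return the egress for dst by longest-prefix match, or None."""
    addr = ip_address(dst)
    best = None
    for prefix, egress in routes:
        net = ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, egress)
    return best[1] if best else None


def policy_mode_egress(src, dst, selectors=TRAFFIC_SELECTORS, routes=ROUTES):
    """Policy-based IPsec: a selector match sends the packet into the
    tunnel; anything else is forwarded by the plain routing table."""
    s, d = ip_address(src), ip_address(dst)
    for local_net, remote_net in selectors:
        if s in ip_network(local_net) and d in ip_network(remote_net):
            return "ipsec-tunnel"
    return longest_prefix_match(dst, routes)


def interface_mode_egress(dst, routes):
    """Interface (route-based) IPsec: the tunnel interface is just another
    next hop, so the route lookup alone decides what crosses it.  The
    source address plays no part."""
    return longest_prefix_match(dst, routes)


if __name__ == "__main__":
    # Policy mode: only sources covered by a selector reach the tunnel.
    print("policy, 192.0.2.10 -> 10.0.5.7 :", policy_mode_egress("192.0.2.10", "10.0.5.7"))
    print("policy, 172.16.0.9 -> 10.0.5.7 :", policy_mode_egress("172.16.0.9", "10.0.5.7"))

    # Interface mode without a route to the tunnel: the /8 summary wins.
    print("interface, no tunnel route     :", interface_mode_egress("10.0.5.7", ROUTES))

    # Interface mode with a /24 learned over the tunnel (e.g. via BGP):
    # longest prefix match now points at the tunnel interface.
    learned = ROUTES + [("10.0.5.0/24", "ipsec-if")]
    print("interface, with tunnel route   :", interface_mode_egress("10.0.5.7", learned))
```

    The practical consequence for the question above: in policy mode every local network that should reach 10.0.5.0/24 must be covered by a selector, while in interface mode the only requirement is a route for 10.0.5.0/24 that is more specific than the 10.0.0.0/8 summary and points at the tunnel interface.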

  • It's an aged protocol, the wrong way of building networks. IPSec is being phased out with many clients I work with. One has a policy to not allow any IPSec implementations if both peers are not from the same vendor, on the same hardware, AND on the same software version. I think it's a great guideline to follow. Considering that 2-3 notable IPSec tunnel disruptions per week are common in x-vendor implementations, it's questionable if this protocol even has any practical use in today's production systems.

     

    • Consider a central-services site (or lease cloud), and access your important business services via HTTPS, over the internet (public IP). Consider an MPLS private leased line if you have $ to spend. Anything you save in implementation costs by going for IPsec you lose due to service disruptions and break-fix maintenance costs (recurring tunnel resets, outage investigations etc.)