Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

huzer's avatar
huzer
Icon for Nimbostratus rankNimbostratus
Mar 03, 2026
Solved

GRE Tunnel Issue

Has anyone run into an issue with GRE tunnels on a BIG-IP? I have a few setup running into a TGW in AWS and something seems to break them. Config change, Module change, ?? I haven't been able to pin ...
application delivery
aws
big-ip
gre
LTM
tunnel
  • huzer's avatar
    huzer
    Mar 06, 2026

    In case someone stumbles across this article in the future: TGWs in AWS utilize ECMP and as of this writing you're unable to turn that off. We were experiencing asymmetric routing as a packet destined to AWS was being sent out one VLAN and returned via a different VLAN. It was visible in the traffic capture but I was hung IP on the ICMP response due to traffic returning on the wrong VLAN where there wasn't a listener. 

    All credit to F5 support as they found the issue. 

huzer's avatar
huzer
Icon for Nimbostratus rankNimbostratus
Mar 06, 2026

In case someone stumbles across this article in the future: TGWs in AWS utilize ECMP and as of this writing you're unable to turn that off. We were experiencing asymmetric routing as a packet destined to AWS was being sent out one VLAN and returned via a different VLAN. It was visible in the traffic capture but I was hung IP on the ICMP response due to traffic returning on the wrong VLAN where there wasn't a listener. 

All credit to F5 support as they found the issue. 

  • LiefZimmerman's avatar
    LiefZimmerman
    Icon for Admin rankAdmin
    Apr 06, 2026

    huzer​ - thank you for taking the time to return and share your resolution.
    Community quality depends on members who share, as you did here, their problems and solutions.
    Thank you. 

    I've taken the liberty, based on your reply, of marking your reply as the solution.
    If that is incorrect let me know, or you may un-mark it yourself at any time.