For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Etienne_Laval_3's avatar
Etienne_Laval_3
Icon for Nimbostratus rankNimbostratus
Apr 27, 2018

ipsec

Hello everybody,   I have an architecture with 24 IPSEC servers behind a BigIP 2000 cluster.   Customers are mobile phones configured with a public address as an IPSEC termination.   Each pu...
application delivery
BIG-IP
LTM
boneyard's avatar
boneyard
Icon for MVP rankMVP
Apr 28, 2018

from what i understand you want to load balance IPsec through the BIG-IP

 

first of all make sure you disable the F5 looking at the ipsec traffic, else it will fail

 

https://support.f5.com/csp/article/K14169

 

it suggests L4 which i would keep on any service, so you don't have to worry about difference between 4500 and 500 and ESP protocol

 

for persistence you need to look at the options

 

if IP source based persistence isnt possible due to change client IP you need to find something else.

 

it might be you just get different tunnels every time

 

https://devcentral.f5.com/questions/load-balancing-vpn-connection