load balance vpn tunnels

Question

Hi community-
I have 2 pair of 4000 ltm/gtm/apm.  I would like to load balance a vpn tunnel or two in active standby pair, with a site to site vpn tunnel. 
Will this be possible on 11.5?&nbsp;

mahmoud_eldeeb_ · Answer

would you like to terminate IPSec traffic at BIG-IP, or to IPSec traffic will pass-through BIG-IP ? &nbsp;

mahmoud_eldeeb_ · Answer

Also there is a white paper it might help
http://preview.f5networks.net/pdf/white-papers/microsoft-direct-access-white-paper.pdf&nbsp;

wwalla_99196 · Answer

Ipsec traffic will terminate on the f5 with an asa on the inside passing the traffic to the inside core.  Imagine our 4k ltm/gtm dual isp vpn tunnels terminating at a 3rd party site.  We would like our outbound connections to this 3rd party site to be load balanced or at least failover to the 3rd party.

donald_endres_2 · Answer

I am in a similar situation. I have 2 ipsec tunnels over different carriers terminated by bigip and cisco asa. With the traffic-selector abstraction, there does not seem to be a way to monitor and score tunnels for an active/standby configuration or load balancing. I have not been able to successfully use "ipsec-policy" "mode interface". Any recommendation would be greatly appreciated.

philip_tan_1205 · Answer

Were you able to receive an answer to this question?&nbsp;

Forum Discussion

load balance vpn tunnels

5 Replies

Win Big in Vegas: The iRules Contest is back with $5k on the line at AppWorld 2026

Jürgen - February 2026 Featured Member

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

SSL and Uri Rewrites

Pre & Post validation of F5 configuration

Upgrading vCMP guest

DNS topology not distributing as expected

Sizing calculation storage

Related Content

Transparent Load Balancing in Azure

Four Active/Active load balancing examples with F5 BIG-IP and Azure Load Balancer

What is Load Balancing?

Load Balancing WebSockets

Load Balancing TCP TLS Encrypted Syslog Messages

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS