BIG-IP to Azure Dynamic IPsec Tunneling
In one of my previous posts we took a look at configuring the BIG-IP to act as a site-to-site VPN tunnel endpoint for connecting on-premises environments with Azure. At the time the BIG-IP only supp...
Published Dec 17, 2015
Version 1.0
Greg_Coward
Employee
EmployeeGreg_CowardEmployee
Employee
Bhavin
Nimbostratus
NimbostratusIn step 1, the PFS needs to be set to none to match Azure default settings. Otherwise the Phase 2 tunnel doesn't renew after it reaches its lifetime. I've been fighting this the past few days and with F5 support discovered that is the setting that's needed.
You can have multiple tunnels on the same float IP or self IP.