F5 Logo MyF5
Search
  1. MyF5 Home
  2. BIG-IP TMOS: Tunneling and IPsec
  3. Configuring IPsec in Tunnel Mode between a Remote Device and BIG-IP using Dynamic Template
  4. Task summary for configuring IPsec in tunnel mode using dynamic template
  5. Creating a bidirectional IPsec traffic selector for dynamic template
Manual Chapter : Creating a bidirectional IPsec traffic selector for dynamic template

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 17.5.0, 17.1.2, 17.1.1, 17.1.0

BIG-IP Link Controller

  • 17.5.0, 17.1.2, 17.1.1, 17.1.0

BIG-IP LTM

  • 17.5.0, 17.1.2, 17.1.1, 17.1.0

BIG-IP AFM

  • 17.5.0, 17.1.2, 17.1.1, 17.1.0

BIG-IP ASM

  • 17.5.0, 17.1.2, 17.1.1, 17.1.0
Manual Chapter

Creating a bidirectional IPsec traffic selector for dynamic template

The traffic selector you create filters traffic based on the IP addresses and port numbers that you specify, as well as the custom IPsec policy you assign.
  1. On the Main tab, click
    Network
    IPsec
    Traffic Selectors
    .
  2. Click
    Create
    .
    The New Traffic Selector screen opens.
  3. In the
    Name
     field, type a unique name for the traffic selector.
  4. In the
    Description
     field, type a brief description of the traffic selector.
  5. For the
    Order
     setting, retain the default value (
    First
    ).
    This setting specifies the order in which the traffic selector appears on the Traffic Selector List screen.
  6. From the
    Configuration
     list, select
    Advanced
    .
  7. For the
    Source IP Address
     setting, click
    Host
     or
    Network
    , and in the
    Address
     field, type an IP address.
    This IP address should be the host or network address from which the application traffic originates.
    This table shows sample source IP addresses for Router in site B.
    System Name
    Source IP Address
    Router in site B
    4.4.4.0/24
  8. From the
    Source Port
     list, select the source port for which you want to filter traffic, or retain the default value
    *All Ports
    .
  9. For the
    Destination IP Address
     setting, click
    Host
    , and in the
    Address
     field, type an IP address.
    This IP address should be the final host or network address to which the application traffic is destined.
    This table shows sample destination IP addresses for any device in site A.
    System Name
    Destination IP Address
    Device in Site A
    192.0.2.13
  10. From the
    Destination Port
     list, select the destination port for which you want to filter traffic, or retain the default value
    * All Ports
    .
  11. From the
    Protocol
     list, select the protocol for which you want to filter traffic.
    You can select
    * All Protocols
    ,
    TCP
    ,
    UDP
    ,
    ICMP
    , or
    Other
    . If you select
    Other
    , you must type a protocol name.
  12. From the
    Direction
     list, select
    Both
    .
  13. From the
    Action
     list, select
    Protect
    .
    The
    IPsec Policy Name
     setting appears.
  14. From the
    IPsec Policy Name
     list, select the name of the custom IPsec policy that you created.
  15. Click
    Finished
    .
    The screen refreshes and displays the new IPsec traffic selector in the list.
Contact Support Contact Support

Have a Question?

Support and Sales >

About F5

Education

F5 Sites

Support Tasks




©2023 F5, Inc. All rights reserved.


Trademarks Policies Privacy California Privacy Do Not Sell My Personal Information