Improved feature parity: ipsec ALG

[jussisjostrom]

trafficstars

Is your feature request related to a problem? Please describe.

Current AS3 schema does not support creating IPSEC ALG profile or attaching an IPSEC ALG profile to a virtual server.

Describe the solution you'd like

I would like to have the ability in AS3 to create ltm ipsec profile and attach that profile to virtual server, for improved feature parity to tmsh.

Describe alternatives you've considered

Now, the creation of ipsec profile and attaching it to virtual server must be done outside AS3, which is adding complexity when automating.

Additional context

Desired tmsh configuration: The AS3 declaration would create the profile with all properties in tmsh:

ltm profile ipsecalg ipsecalg {
    app-service none
    defaults-from none
    description none
    idle-timeout 3600
    initial-connection-timeout 3
    log-profile none
    log-publisher none
    partition Common
    pending-ike-connection-limit 5
}

Also, affecting the profile to virtual server / AS3 Service using a property like IPSEC_Profile, would configure the profile for a virtual server, example

ltm virtual vs_ipsec_udp_500 {
    ...
    profiles {
        ipsecalg {
            context all
        }
        ...
    }
}

[dstokesf5]

Thank you for your feedback. I have added the creation of ltm profile ipsecalg objects to our internal product backlog as AUTOTOOL-2747.

[sunitharonan]

If you are still looking for a fix, please reach out to us at [email protected] in order to prioritize.

[github-actions[bot]]

This issue has been automatically closed because there has been no response to our request for more information from the original author. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you have or find the answers we need so that we can investigate further.