For enhanced security, you can authenticate and encrypt application traffic flowing through a tunnel by using the IP Security (IPsec) protocol. The IPsec protocol secures IP communications by authenticating and encrypting each IP packet of a data stream.
When your network environment does not include the Internet Key Exchange (IKE) protocol, you must create a manual security association for IPsec security. A manual security association statically defines the specific attribute values that IPsec should use when negotiating the authentication and encryption of data flowing through the tunnel.
Implement IPsec with a manual security association configuration to encrypt traffic as it passes through a tunnel, such as an EtherIP or an iSession tunnel. To set up this configuration, you must verify a few prerequisite tasks, as well as create some configuration objects on the BIG-IP system.
Before you begin configuring IPsec, verify that these BIG-IP objects and module exist on the BIG-IP system:
To summarize, you now have this IPsec configuration on this BIG-IP system, for both inbound and outbound traffic: