For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

cjunior's avatar
cjunior
Icon for Nacreous rankNacreous
Mar 14, 2016

First I thank you.

 

I know that in version 12.0, we have to choose a scope for the policy. Thus, I tried all scope types Global, Virtual Server and Profile but I didn't have success with APM in profile type mode All.

 

However, with this profile type as LTM-APM, the APM sessions persistence was kept and worked as expected. What I hope is that when domain cookie is set, it will keep the APM session alive where requesting hosts over the same VS and domain name.

 

e.g.

 

DNS: www.f5lab.netIN A 172.30.30.100

 

DNS: services.f5lab.net IN A 172.30.30.100

 

LTM my_vs: 172.30.30.100:443, Access profile: my_policy

 

APM: my_policy, Type: All, Scope: Global

 

Domain Mode: Single Domain

 

Domain Cookie: .f5lab.net

 

Expected:

 

https://www.f5lab.net (requires authentication)

 

https://services.f5lab.net (reuse previous authentication)

 

I have done this in a version 11.6 and it works, but I had no lucky with v12.0.

 

I know that the link below is not related about v12.0, but it seems to be the same issue. So I asked if it makes sense.

 

https://devcentral.f5.com/questions/sso-auth-domains-not-maintaining-session