Forum Discussion

Altostratus

Mar 15, 2020

APM with External IDP (SAML) unexpected disconnection

Hi, As a lot of people right now, we are deploying VPN profiles in emergency. For a specific scenario, we use an External IDP (SAML SSO) to connect the users, which works fine. However, we ge...

BIG-IP Access Policy Manager (APM)

saml

security

Julzor

Altostratus

Mar 15, 2020

We deployed some profiles without the Max Session Per User.

We quickly saw the Active Sessions rise like hell.

We do notice that some users have A LOT of session for a single device/username.

A username has 348 actives sessions, these are "LTM_APM" sessions.

Does anybody know what's going on?

Is it SAML related?

I can't figure out what to do right now.

EDIT :

We did put back the Max Session per user because it was uncontrolable, a few users could reach the 2500 Active Sessions that we as a maximum with the licence.

But we get disconnected after a few seconds again.

We did change to RADIUS authentication and now it looks like it's OK.

It makes NO sense to me right now so if anyone has a clue, it's more than welcome.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM with External IDP (SAML) unexpected disconnection

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Error post F5 upgrade

ACME DNS RFC-2136 Let's Encrypt certs

Big-IP LTM integration with Big-IP DNS in Azure

UCS Encryption Question

Dnssec deployment

Related Content

External Monitor Information and Templates

TACACS+ External Monitor (Python)

CSV to Address External Datagroup File

snmp-check external monitor

External Monitor Templates

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS