Forum Discussion

Julzor's avatar
Julzor
Icon for Altostratus rankAltostratus
Mar 15, 2020

APM with External IDP (SAML) unexpected disconnection

Hi, As a lot of people right now, we are deploying VPN profiles in emergency.   For a specific scenario, we use an External IDP (SAML SSO) to connect the users, which works fine. However, we ge...
BIG-IP Access Policy Manager (APM)
saml
security
Julzor's avatar
Julzor
Icon for Altostratus rankAltostratus
Mar 15, 2020

We deployed some profiles without the Max Session Per User.

 

We quickly saw the Active Sessions rise like hell.

 

We do notice that some users have A LOT of session for a single device/username.

A username has 348 actives sessions, these are "LTM_APM" sessions.

 

Does anybody know what's going on?

Is it SAML related?

 

I can't figure out what to do right now.

 

EDIT :

We did put back the Max Session per user because it was uncontrolable, a few users could reach the 2500 Active Sessions that we as a maximum with the licence.

But we get disconnected after a few seconds again.

 

We did change to RADIUS authentication and now it looks like it's OK.

It makes NO sense to me right now so if anyone has a clue, it's more than welcome.