My first thought is the application on the servers need to be session aware, meaning if a user session starts on one the others know about it and can pick it up, if needed. This would be required for the transparent requirement. Back to your question, I would troubleshoot with nslookup/dig against the WideIP before and after failover to confirm the client is seeing the IP address change. With dig you'll also see the ttl timeout and it should decrement. If that's true then I would look at the browser traffic to see if the app is somehow sending the client to an LTM pool member. I've seen this work successfully with VMWare VDI - not sure about the transparent part, but failover works.