Forum Discussion
CirrusIssue with Mobile devices using APM. Getting "Connection Reset / Lost"
I am experiencing an issue with accessing our APM with a mobile device. Initially, I thought it was only on Apple products but have since been able to recreate it on Android consistently. What happens is when you attempt to access our APM for SAML auth from a mobile device, it gives a Connection error. Then, when you refresh the mobile browser, the webtop is displayed properly or SAML is passed. On Android devices you get "ERR_CONNECTION_RESET", on Apple devices you get "Network connection was lost".
So it goes like this: Start a session by going to https://sso.mycompany.com and get presented with logon screen.
Log in successfully and on the APM side, it's just standard AD Authentication, but it gives "Connection lost" screen. The logs also do not show it presenting the Webtop.
Then if you hit the refresh button, everything shows properly.
Any ideas would be greatly appreciated.
6 Replies
The first thing to do when troubleshooting APM session issues like this is to examine the log messages in /var/log/apm. Do this and look for errors that occur that may correspond to the client problems.
SAML errors, from a client perspective, usually result in a "RST" or similar behavior and are only visible on the BIG-IP log files. The logging is quite comprehensive though and usually reveals the source of the problem.
mike_drennen_16Thanks for the reply. That's what has me confused, the logs really don't show a whole lot. It seems on mobile, both iOS and Android, if I clear browsing history, it will work perfectly the first time, then start with the connection issue every time afterward. here is logs when it works: 2016-03-14 08:26:13 Received User-Agent header: Mozilla%2f5.0%20(Linux%3b%20Android%205.0.2%3b%20STUDIO%20ENERGY%20Build%2fLRX21M)%20AppleWebKit%2f537.36%20(KHTML%2c%20like%20Gecko)%20Chrome%2f47.0.2526.83%20Mobile%20Safari%2f537.36. 2016-03-14 08:26:13 Received client info - Type: Safari Version: 1 Platform: Android CPU: unknown UI Mode: Mobile Smart Phone Javascript Support: 1 ActiveX Support: 0 Plugin Support: 0 2016-03-14 08:26:13 New session from client IP 166.171.58.82 (ST=Maryland/CC=US/C=NA) at VIP 208.84.9.37 Listener /Common/MRC_O365.app/MRC_O365_vs (Reputation=Unknown) 2016-03-14 08:26:30 Connectivity resource '/Common/MRC_O365.app/MRC_O365_apm_saml_resource_sso' assigned 2016-03-14 08:26:30 Connectivity resource '/Common/Novatus' assigned 2016-03-14 08:26:30 Connectivity resource '/Common/Workfront' assigned 2016-03-14 08:26:30 Webtop '/Common/MRC_O365.app/MRC_O365_apm_webtop' assigned 2016-03-14 08:26:30 Following rule 'fallback' from item 'Advanced Resource Assign' to ending 'Allow' 2016-03-14 08:26:30 Access policy result: Full 2016-03-14 08:26:30 Username 'mike.drennen' Here are logs when it does the connection drop: 2016-03-14 07:40:01 Received User-Agent header: Mozilla%2f5.0%20(iPhone%3b%20CPU%20iPhone%20OS%209_2_1%20like%20Mac%20OS%20X)%20AppleWebKit%2f601.1.46%20(KHTML%2c%20like%20Gecko)%20Mobile%2f13D15. 2016-03-14 07:40:01 Received client info - Type: Safari Version: 1 Platform: iOS CPU: unknown UI Mode: Mobile Smart Phone Javascript Support: 1 ActiveX Support: 0 Plugin Support: 0 2016-03-14 07:40:01 New session from client IP 166.170.29.152 (ST=Maryland/CC=US/C=NA) at VIP 208.84.9.37 Listener /Common/MRC_O365.app/MRC_O365_vs (Reputation=Unknown) 2016-03-14 07:40:16 Username 'jr.foster' 2016-03-14 07:45:30 \N: Session deleted due to user inactivity or errors. 2016-03-14 07:46:11 Session statistics - bytes in: 4772, bytes out: 1695- mike_drennen_16Sorry, i tried twice to fix the formatting of that comment.
- To post logs you can just enclose in the HTML "pre" tag.
