As you mentioned, you could use an iRule that would kill the session (ACCESS::remove) and force a new one.
The other option would be to use an iRule prior to the session starting (APM Event Order) and use the ACCESS:disable command to disable the APM from processing that request. (Note: If you have an existing session and use that command, you may get some odd behavior. Be sure to also remove the APM cookies like
MRHSession
and
LastMRH_Session
from the request so APM doesn't try to do anything with it.)
This is how I've gotten things like this to work in the past.