Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

J_Tyreman_15188's avatar
J_Tyreman_15188
Icon for Nimbostratus rankNimbostratus
Apr 24, 2014

Session Persistence across devices

Hi all,   fairly new here and would like some help if possible, i have at the moment 2 IIS servers behind F5's the scenario i want is as follows:   user logs into website on one PC and user typ...
BIG-IP Access Policy Manager (APM)
security
Henrik_Gyllkran's avatar
Henrik_Gyllkran
Icon for Nimbostratus rankNimbostratus
Apr 25, 2014

There is a lot of interesting stuff that could be done with Universal Persistence, but some things to take into account in this particular case is if the servers are able to get the session ID or what you want to call it handled by other servers.

 

Let me give an example - the user connects with the first PC and is loadbalanced to server 1 and is assigned the session ID 12345, once he's finished on the first PC he moves on to the second PC and connects and could possibly be loadbalanced to server 2. Once he logs in, server 2 must be able to retrieve session ID 12345 that was handled by server 1 and only then would he be sent back to server 1.

 

If your application is able to handle that scenario, then it should be all right.