Forum Discussion
4 Replies
The change you made in the cookie insert profile applies to new connections only.
If there are current KeepAlive connections of clients (i.e. a typical webbrowser keeps connections open, even if having the site open in a tab or a different window).
There might be users which got the default cookie and simply did not close their browsers completely. They will keep sending the (unwanted) cookie until the browser is completely closed and this session cookie will be discarded.
- SalCAltostratus
Thanks, I thought the same thing, but it has been several weeks since I updated all the cookie persistence profiles. You gave me an idea though; I'm going to try modifying the cookie and setting the expiration to a set duration as opposed to session, and see if that clears it up.
- Ed_MartensCirrus
Have you tried:
https://support.f5.com/csp/article/K95345460?- SalCAltostratus
Yep, and the ASM learning suggestions are seeing the default BIGIP cookie still and suggesting I add it that way, when in theory? the default cookie shouldn't be in use. I'm going to try setting an expiration timer on the cookie as opposed to session, and see if that clears any old cookies users may still have (I'm thinking even after several weeks.. users may not have closed their browsers)