Forum Discussion

f51's avatar
f51
Icon for Cirrostratus rankCirrostratus
Jun 29, 2017

Random logout of the BigIP

Hi DC,

 

In the middle of configuring VIP, my session is expiring and it is happening from today. I tried to login with admin account but no use.

 

Your login credentials are no longer valid

 

Thu Jun 29 2017 12:06:20

 

Your login credentials have either expired or are no longer valid for one of the following reasons: • Your login credentials have expired For security purposes, your login credentials are automatically expired after an extended time of inactivity. Administrators can modify the idle time before login credentials automatically expire in the System ›› Preferences section. • Your login credentials are no longer valid Changes made to your user account such as updating your password, changing your administrative role, or deleting your account have caused your credentials to become invalid.

 

To access the Configuration utility, you need to log in again.

 

Any Suggestions ?

 

application delivery
LTM

4 Replies

Sort By
  • jaikumar_f5's avatar
    jaikumar_f5
    Icon for MVP rankMVP
    Jun 30, 2017

    Did you try this: Article

     

    Configuring automatic logout for idle Configuration utility sessions

     

    To automatically log out inactive Configuration utility sessions after a specified idle time, perform the following procedure:

     

    Log in to the Configuration utility.

     

    Click System.

     

    Click Preferences.

     

    In the Security Settings section, enter an appropriate value for the Idle time before automatic logout setting. Note: The value is the number of seconds an administrative session should remain idle before the session is automatically logged out. Values may be in the range of 120 to 2,147,483,647 seconds. The default is 1200 seconds (20 minutes) and the idle time cannot be disabled.

     

    To save the new configuration, click Update.

     

  • ramnath_318378's avatar
    ramnath_318378
    Icon for Nimbostratus rankNimbostratus
    Oct 18, 2018

    the same thing happens in AWS platform for me too. I run 3NIC F5 with 90 days eval copy of BIG-IP-VE ,once i stop the BIGIP-VE instance for 3-4 hours and then restart again, it never allows me to login to the GUI console, and even if I manage to login, it drops in 5 secs and ask me to login again saying "Your login credentials are no longer valid" , but no issues with 'ssh' logins any help ?!

     

    i try manage to set the "Idle time before automatic logout setting" time to very high level, still no luck.

     

    ramnath.

     

    • ramnath_318378's avatar
      ramnath_318378
      Icon for Nimbostratus rankNimbostratus
      Oct 22, 2018

      Guess no answers yet. Im running Version BIG-IP 13.1.1 in AWS Platform, and as of no SNMP or any other Network Mgmt Software running in my BIG-IP Box. If I stop in nights and start in mornings to save some HW cost, it never responds for GUI console. and at the same time it works like charm in SSH console. And at end of the day I may have to kill/terminate the Instance (there i loose one of my license :( ) ,and install a new one with one more 90 day license. If I keep it ON for whole day/night,no issues noted either in GUI/SSH console.

       

      Pls Check

       

      regards ramnath.

       

  • Aditya_Chhillar's avatar
    Aditya_Chhillar
    Icon for Nimbostratus rankNimbostratus
    May 14, 2020

    Hi,

     

    Disable the "Require A Consistent Inbound IP For the Entire Web Session".

     

    What it does is, when checked (enabled), that the inbound IP address must remain the same during the extent of the connection to the BIG-IP system. If the IP address changes from the one used when the login session is authenticated, the system considers that as an attack and automatically logs the user out. When cleared (disabled), specifies that the inbound IP address can change, and that the system retains the connection throughout the session. The default is enabled.

     

    Disabling the 'Require A Consistent Inbound IP For The Entire Web Session' setting using the Configuration utility

    1. Log in to the Configuration utility.
    2. Navigate to System > Preferences.
    3. In Security Settings, click Advanced.
    4. Clear the Require A Consistent Inbound IP For the Entire Web Session check box.
    5. Click Update.

     

     

    Disabling the 'auth-pam-validate-ip' setting using tmsh

    1. Log in to tmsh by typing the following command:
    2. tmsh
    3. Disable the auth-pam-validate-ip setting by typing the following command:
    4. modify /sys http auth-pam-validate-ip off
    5. Save the change by typing the following command:
    6. save /sys config

     

     

    Reference: https://support.f5.com/csp/article/K13048

     

    Regards,

    Aditya Chhillar