Unable to add access policy - getting Your session could not be established.

Question

I have version 11.6.0 build 0.0.401 running in VMware workstation version 12 with a lab license.
The other day I added extra VMs and one of them had the same IP address as I was using as the self-ip on the big-ip. I also exceeded the memory of my system. In the boot screen I saw some strange errors that I didn't document but having realised my error I cleared out an old configuration and changed the self ip.&nbsp;
Now I create a new node, pool and vip all simple stuff and I can connect to my backend default website.&nbsp;
Now the problem is when I add an access policy that contains just a message box I get the session error page in the browser.&nbsp;
I am also getting init: Id "co" respawning too fast: disabled for 5 minutes in the VM.&nbsp;
I tried to create a new VM but I am unable to activate the license.&nbsp;
Any help here would be much appreciated.&nbsp;

cody_green_1030 · Answer

Andy, you can call F5 support and have the license released from the previous VM's id.  &nbsp;

andy_from_sandy · Answer

Thank you. I realised like a good it pro I had a backup of the VM. The restore is fine so no worry on needing to make contact.
What I can't figure out at present is I can create a VIP for SSL connection and I can add an APM access policy but if I add the policy to a HTTP non SSL VIP I get the "Your session could not be established. I did change the cookie to HTTP only but it didn't make any difference.&nbsp;

ali_khan · Answer

what's in the APM logs? Grep sessionref /var/log/apm&nbsp;

andy_from_sandy · Answer

This is all there is:
[root@bigip:ModuleNotLicensed:Active:Standalone] config  tail -200 /var/log/apm | grep -i 87B33CBB
Aug 26 06:09:41 bigip notice tmm[14937]: 01490506:5: 87b33cbb: Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1%3b%20WOW64%3b%20Trident%2f7.0%3b%20rv%3a11.0)%20like%20Gecko.
Aug 26 06:09:41 bigip notice tmm[14937]: 01490544:5: 87b33cbb: Received client info - Type: IE Version: 11 Platform: Win7 CPU: WOW64 UI Mode: Full Javascript Support: 1 ActiveX Support: 1 Plugin Support: 0
Aug 26 06:09:41 bigip notice tmm[14937]: 01490500:5: 87b33cbb: New session from client IP 192.168.213.10 (ST=/CC=/C=) at VIP 192.168.213.26 Listener /Common/VS_BIP_INTRANET (Reputation=Unknown)
[root@bigip:ModuleNotLicensed:Active:Standalone] config &nbsp;

andy_from_sandy · Answer

This is what happens when I use the SSL connection with the same access policy. It displays the logon page:&nbsp;
Aug 26 06:17:30 bigip notice tmm1[14937]: 01490506:5: 3bb1c585: Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1%3b%20WOW64%3b%20Trident%2f7.0%3b%20rv%3a11.0)%20like%20Gecko.
Aug 26 06:17:30 bigip notice tmm1[14937]: 01490544:5: 3bb1c585: Received client info - Type: IE Version: 11 Platform: Win7 CPU: WOW64 UI Mode: Full Javascript Support: 1 ActiveX Support: 1 Plugin Support: 0
Aug 26 06:17:30 bigip notice tmm1[14937]: 01490500:5: 3bb1c585: New session from client IP 192.168.213.10 (ST=/CC=/C=) at VIP 192.168.213.28 Listener /Common/VS_BIPWEBSERVER (Reputation=Unknown)
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 660 Msg: //=========================================
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 661 Msg:  Request received
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 662 Msg: //-----------------------------------------
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 63 Msg: bytes_received: 237, len: 237
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 87 Msg: first header received: GET /my.policy HTTP/1.1
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpRequestHeader()" line: 310 Msg: HTTP Method received: GET
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpRequestHeader()" line: 339 Msg: HTTP URI received: /my.policy
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpRequestHeader()" line: 384 Msg: HTTP major version received: 1
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpRequestHeader()" line: 385 Msg: HTTP minor version received: 1
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 94 Msg: generic header received: client-session-id: 644a46926d7cf5289aa0b6bd3bb1c585
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpGenericHeader()" line: 432 Msg: Header received, client-session-id: 644a46926d7cf5289aa0b6bd3bb1c585
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 94 Msg: generic header received: session-key: 052ba0ccff14fce8e4594e2c3bb1c585
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpGenericHeader()" line: 432 Msg: Header received, session-key: 052ba0ccff14fce8e4594e2c3bb1c585
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 94 Msg: generic header received: profile-id: /Common/APM_TEST
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpGenericHeader()" line: 432 Msg: Header received, profile-id: /Common/APM_TEST
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 94 Msg: generic header received: session-id: 3bb1c585
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpGenericHeader()" line: 432 Msg: Header received, session-id: 3bb1c585
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 94 Msg: generic header received: snapshot-id: 7432fb5e4d_1oooooooooooooooooooo
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpGenericHeader()" line: 432 Msg: Header received, snapshot-id: 7432fb5e4d_1oooooooooooooooooooo
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 94 Msg: generic header received: cmp-pu: 1
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "parseHttpGenericHeader()" line: 432 Msg: Header received, cmp-pu: 1
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: HTTPParser.cpp func: "readFromSocket()" line: 82 Msg: Complete header received: 237
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 678 Msg: Received Session Id: "3bb1c585"
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 680 Msg: Received Profile Id: "/Common/APM_TEST"
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 682 Msg: request-from: ""
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 684 Msg: clientless-mode: ""
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 686 Msg: no-inspection-host-mode: ""
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 688 Msg: Received CMP Process Unit: "1, mc = 0x5b5eff44"
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 690 Msg: start processing of the access policy
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyProcessor/AccessPolicyProcessor.cpp func: "_initSession()" line: 467 Msg: access policy processing: 0
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyProcessor/AccessPolicy.cpp func: "execute()" line: 298 Msg: Let's evaluate rules, total number of rules for this action=1
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyProcessor/AccessPolicy.cpp func: "execute()" line: 304 Msg: Rule to evaluate = ""
Aug 26 06:17:30 bigip info apd[10678]: 01490006:6: 3bb1c585: Following rule 'fallback' from item 'Start' to item 'Logon Page'
Aug 26 06:17:30 bigip debug apd[10678]: 01490011:7: 3bb1c585: Logon agent: ENTER Function executeInstance
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: modules/LogonPage/SimpleLogonPage/SimpleLogonPageAgent.cpp func: "SimpleLogonPageAgentexecuteInstance()" line: 1134 Msg: SCIM session state variables: Request Type : Request Domain : GroupName : UserName : ClearCache:0
Aug 26 06:17:30 bigip debug apd[10678]: 01490012:7: 3bb1c585: Logon agent: LEAVE Function executeInstance
Aug 26 06:17:30 bigip info apd[10678]: 01490004:6: 3bb1c585: Executed agent '/Common/APM_TEST_act_logon_page_ag', return value 3
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyProcessor/AccessPolicy.cpp func: "_executeOneAgent()" line: 116 Msg: user input is required
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 737 Msg: processing of access policy is done, result code=fffffff3
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "writeSessionVarToSessionDb()" line: 1551 Msg: syncing data with MEMCACHED
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: memcache.c func: "mc_convert_session_var_to_mc_key()" line: 2094 Msg: Converted Var: session.logon.page.customization.group to Session Var tmm.session.3bb1c585.session.logon.page.customization.group
Aug 26 06:17:30 bigip info apd[10678]: 01490007:6: 3bb1c585: Session variable 'session.logon.page.customization.group' set to '/Common/APM_TEST_act_logon_page_ag'
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: ./AccessPolicyProcessor/Session.h func: "setSessionInactive()" line: 870 Msg: 3bb1c585: done with request processing
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "sendAccessPolicyResponse()" line: 1689 Msg: send 'redirect to EUIE' code, redirect URL="/agent_logon_page_form.eui?"
Aug 26 06:17:30 bigip debug apd[10678]: 01490000:7: AccessPolicyD.cpp func: "process_request()" line: 767 Msg:   ** done with the request processing **&nbsp;

Forum Discussion

Unable to add access policy - getting Your session could not be established.

9 Replies

Recent Discussions

F5 loadbalancer not working

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Related Content

SAML IdP Initiated SSO Denied and Killing Existing Session established through OAuth

Getting Started with BIG-IP Next: Upgrading Central Manager

Re: Using Terraform and Volterra to establish secure connectivity between clouds

Getting Started with BIG-IP Next: Adding Instances to Central Manager

Get Started With Kubernetes SIG Gateway API