NimbostratusHi,
We have an F5 appliance load balancing a couple of .Net application servers. These servers send a "ASPXAUTH" cookie after successfully authentication to keep the user authenticated.
This works fine when the client accesses the server directly. However, this cookie is somehow removed when the server is accessed through F5 Appliance.
Any suggestions?
CumulonimbusHi Shaheryar,
Did you use APM or ASM?
Did you encrypt cookie?
And last question, What is the auth method of your application? (kerberos, form, ntlm, ...)
your answer will permit you to diag your problem
Regards
NimbostratusDid you use APM or ASM? - No.
Did you encrypt cookie? - No.
And last question, What is the auth method of your application? (kerberos, form, ntlm, ...) - Form
CumulonimbusHi Shaheryar,
So if you don't use ASM or APM and don't encrypt or manipulate cookie, i don't think that F5 remove or manage this cookie.
I just want to be sure about on thing: it could be that the cookie is generated on another domain. Le me explain, when you reach server directly, you will enter mybackend.mydomain.com and you will retrieve a cookie for this domain "mybackend.mydomain.com".
And maybe when you reach your app trough F5, you will enter myapp.mydomain.com and you retrieve a cookie for the domain "mybackend.mydomain.com"... and in this case it will not work and you can not see the cookie in your browser.
To validate my supposition can you modify your hostfile as following:
reach your backend server directly without f5 using the VS hosname:
1.1.1.1 myapp.mydomain.com
Where 1.1.1.1 is your backend IP.
Keep me update. Regards