Last Modified: Apr 28, 2025
Affected Product(s):
APM-Clients TMOS
Fixed In:
7.1.8.1
Opened: May 15, 2019 Severity: 3-Major
Previously, when redirecting from a virtual server to another virtual server which is reachable only by a client-side proxy and has a different hostname, the request for detecting APM failed. This happened because the Client Type session variable for the session created was IE instead of standalone, which resulted in denied access to the user when the policy had a Client Type agent and a delay in completing logon when the redirected hostname had multiple IP addresses.
- If redirected hostname is a virtual server, client type session variable for the session created will be "IE" instead of "Standalone". If the policy has Client Type agent, user may be denied access based on client type. - If redirected hostname has multiple IP addresses, user may experience delay in completing logon.
- Virtual server with Access Policy that involves redirects (either to another virtual server with different hostname or any other external authentication related redirects e.g. SAML) - Redirected hostnames are only reachable via client side proxy.
None
With this release, the created Client Type session variable is standalone, and the issue is resolved.