Error: "Session not allowed from this location" message seen in client browser and/or "Client verification failed:" or “Session not allowed from this location” warnings are found in the proxy logs.
A user switches from a wired network connection to wireless and then experiences this error when accessing an application through the proxy. Restarting all browsers does not allow the user to access the application as expected and they must wait for a session timeout before they can access Cloud Access Manager again.
External users of Internet Explorer find some pages are not displayed successfully when performing tasks such as Print Preview or using browser extensions on applications accessed through the proxy. This is due to IE’s Protected Mode not allowing persistent cookies to be shared between the ‘protected’ cache and the regular browser cache; this includes the CAM_UAID cookie which holds the user agent ID.
For the network IP address change issue:
- Users can logout from within the App Portal or navigate to https://
- Users can start a different browser to host a new Cloud Access Manager session
Note: restarting the existing browser without a logout from Cloud Access Manager will retain the same client connect string and pick up the existing session cookie which is still alive on the proxy.
For the IE Protected Mode issue:
Microsoft recommend moving affected sites to the Trusted Sites zone in Internet Explorer. It may be possible to push this out to all users via Group Policy or affected users can change their configuration locally.
From CAM v8.0.1 the following enhancement was added: #441661 "Disable session consistency checking".
To enable this option in the Admin UI navigate to Settings | Show advanced settings | Tune the Cloud Access Manager Proxy | Add a new property:
© 2020 One Identity LLC. ALL RIGHTS RESERVED. Feedback Nutzungsbedingungen Datenschutz