We have a web application deployed to multiple servers running in IIS 7.5 Windows Server 2008R2, each with the same configuration, and the traffic is directed by Big-IP load balancer.
The IIS app pool's idle timeout and web application session state timeout are both set to 35 minutes, the same settings were applied in each server. We have a timeout page that displays timeout error when user idle time reaches 35 minutes.
However, out users are getting runtime error of Access Denied. Action not authorized!. We are able to reproduce this error in our test environment by setting the app pool idle timeout value to a shorter time than application session state timeout value. So it seems that the runtime error happens because the app pool timed out before the session times out.
I am suspect that Big-IP has a persistence session idle timeout setting that is set to a shorter time period and that that triggers Big-IP to time out the user session. Does anyone know how to retrieve this session idle timeout value and how to set it to a custom value?
This is an old question, but it's a common problem with load balanced sites. There are two settings to be aware of that could be contributing to this issue.
The first is the actual persistence timeout. You can check the persistence setting for a given site on the Big-IP by choosing the appropriate virtual server, then going to the resources tab. Check the value of the Default Persistence Profile. Then look under Local Traffic > Profiles > Persistence to see what timeout this particular profile corresponds to.
The other thing to check is the TCP idle timeout. By default this is 5 minutes, so it's common for it to kill long running database transactions. To find out what this is set to, under the virtual server, check the Protocol Profile. Then go to Local Traffic > Profiles > Protocol > TCP and find Idle Timeout in the profile.