Forum Discussion
Hi Karl,
You are running into an issue where apd will cache the session variable when you first use it. In this case you are setting it to "false" in the VPE. When the iRule then modifies the variable in tmm and you check it again in the access policy, apd will grab the value from cache instead of grabbing the new value from tmm set in the iRule. This is a known issue and is tracked as ID 420284.
Until this behavior can be modified you can set "session.custom.SymantecAPIerror" in the policy to "false" if you need it for a test before you trigger the iRule. If you do this, then in the iRule when you update the variable set it to "session.custom.SymantecAPIerror1" or something different than the original name. You would then test for "session.custom.SymantecAPIerror1" being "true" or "false" later in the VPE and it will pull the variable from tmm instead of looking at its local cache for the information. If you are not using the original setting of the variable for anything before the iRule you could just remove the variable assign from the VPE and the first time the session variable would be used is in the iRule which would then be new to apd when you test it later in the VPE.
I would also suggest opening a support case and asking to be linked to the ID listed above. This puts more visibility on issues and will help prioritize things going forward.
Hopefully this will help you resolve this issue.
Regards,
Seth Cooper