Well I am not an expert in this kind of proxy matters, but I really think this is an issue that definitely must be solved by your IT department. The behaviour of Ariba is quite normal to prevent any kind of hacking against customers' data. This does not only happens in Ariba solutions, but if you log in to Google, Facebook, Yahoo, or whichever site that uses a session cookie, and then in the middle of the session you suddendly change the IP, I bet you will get a similar error.
I mean, think of it like this: you log in with your username and password from an IP (which for the server is like you are at a precise physical location). If you log out, change the IP and log in again nothing happens since you are logging in from a different location, but from the beginning of the whole session. What it seems to me really weird is that your servers change the IP of your computers with no warnings of closing sessions of something like that. As a result (again, in the middle of a session) Ariba detects that you have suddendly changed the IP. If you think of it carefully, this is very suspicious for a server, and blocking the session is the most normal response since a sudden IP change can be interpreted as a hacking attempt.
I also had the same issue a couple of times after logging in. I lost connection to the enterprise network, got connected again, I was given a new IP by the system, and Ariba terminated my session. If your problem is that your servers are doing this continiously, then I recommend you to talk to your IT department to find a solution. Changing the IP is quite normal in all enterprises, we also do it, but only if you log out and in again to your enterprise network. Changing the IP during the course of your connection without having logged out seems to me inconvenient when it comes to sites where you need to log in with a username and password (thus storing a session cookie).
Hope this helps, and hopefully you find a solution. Best regards.
Look, I know that IT has to solve this, but my IT department is not able to help much - at least not without a LOT more info. SOMEONE out there in the user community has resolved this at their company. I really need to hear from someone who has and how you did it.
Well, it's unfortunate that your IT dept. is of no help on this issue.
As Carlos has pointed out, it's strange that the ip address has to change while the user is logged in on the same network (unless the modem is reset etc). I would like to add that it's actually more strange that Webroot had to change the subnet also. If the IT department is not helping, surely your (application) technical team could certainly reach out to Webroot quickly and confirm the facts. Also, I'm sure there must be a way in your company's webroot account settings to control the subnet (mask), which of course your dreaded IT dept has to do. And I'm sure they will oblige once you present them the information from Webroot customer support, and with a little nudge from your Business sponsor.
Also, as a first step, you could try adding *.ariba.com as a trusted site and see if that helps before working with Webroot.
adding *.ariba.com as a trusted site was the very FIRST thing we did to combat this problem. The help that provided was minimal.
As I have stated, we have no control over what the cloud-based proxy does to balance traffic loads. THAT's where our problem comes from. When they load-balance, our traffic gets shuttled to a different server in a different subnet of their cloud. Ariba sees that change and reacts badly.
I have new word from my IT department that Ariba is at least partially to blame for this whole mess. We have rules baked into our infrastructure for what we THOUGHT was all our Ariba traffic. It turns out that Ariba added an IP range without informing us. When we initially had this problem over a year ago, we asked for all Ariba domains and IP ranges. We asked multiple times if this was ALL that Ariba was using. We were told that is was. We asked to be informed of any changes as this would affect our traffic. IT setup the firewalls and routers according to the information provided and this drastically reduced the problem for months. Then the problem began to resurface and get steadily worse. Ariba again provided the IP ranges and IT discovered a previously undisclosed subnet (.106) which could certainly account for the problem.
from my IT group:
"It looks like Ariba has added a new address range to their list of addresses (the one in bold font) without notifying us.
188.8.131.52 to 184.108.40.206
220.127.116.11 to 18.104.22.168
22.214.171.124 to 126.96.36.199
188.8.131.52 to 184.108.40.206
I was afraid we would be playing this cat and mouse game with them. This will require a change to all of our routers and firewalls."
My IT group will implement the new address range in their configuration, but my fear is that this will happen many more times. Every time someone gets "severed" in the middle of a shopping session, it breeds ill-will in my user community. That breeds ill will between Ariba and my company overall.
Certainly understand the frustration here. Have been working in the background on this and have reached out to wide range of internal associates who may have knowledge of this as well as those who have contact with clients to see if there are others who are experiencing similar situations with their internet proxy and content filter. Would expect to hear somthing soon, if anyone has experienced this within their company's environment. I'll continue to update you on any progress via our meetings and email.
I don't have much of the details but we too have experienced the "session terminted due to changed IP address" issue.
We are an on-Premise instance hosted in the US. The issue has mainly ooccurred for some users located in the ASIAPAC region.