AntiForgeryToken Decrypt exception in a ASP.Net MVC App on a single Azure VM

Occasional Visitor

Hi all,


I have an issue on two Azure Windows 2019 VMs running IIS that AntiForgeryToken validation does not work quite often.

These run the prodcution environment, it does not happen on my master and dev envs, both of them being physical machines within my network.

I evaluated the issue and as there is no cluster involved, so the static machine key solution, which I also tried does not help. Application pool recycling as of timeouts between GET and POST also does not seem to be the issue, as this even occurs if there are only 5 seconds between GET and POST.

Interesting fact is that sometimes it does work with Chrome for some users, when it doesnt work in Edge or Firefox.


I can reproduce that issue from my work network to one VM, whereas it works from my home network at the same time.

So might be a firewall issue of some kind. We do have a sonicwall at work, but a trace di

0 Replies