I discovered a strange behaviour while using a reverse proxy (caddy). Maybe someone has an idea how to solve this issue.
I enabled cwmp.debug for a CPE that always gets a invalide session response. If you have a look at the debug connection request is ok, session cookie is set but genieacs is then mapping a request comming from another CPE into this session where no session cookie was set and therefore the session is invalid. I marked the relevant parts in line.
event: incoming HTTP request
timestamp: 2022-06-03T07:15:47.843Z
remoteAddress: "::ffff:192.168.62.139"
deviceId: 00040E-FRITZ%21Box-E0286DA5D216
connection: 2022-06-03T07:15:47.843Z
localPort: 7547
method: POST
url: /tr069/
headers:
host: acs2.xxxxxx.de:80
user-agent: AVM/113.07.29
content-length: "2506"
content-type: text/xml; charset="utf-8"
soapaction: "\"Inform\""
**x-forwarded-for: 217.61.198.65** --> real IP from correct CPE
x-forwarded-proto: http
accept-encoding: gzip
body: >-
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap-enc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:cwmp="urn:dslforum-org:cwmp-1-0">
<soap:Header>
<cwmp:ID soap:mustUnderstand="1">8489</cwmp:ID></soap:Header>
<soap:Body>
<cwmp:Inform>
<DeviceId>
<Manufacturer>AVM</Manufacturer>
<OUI>00040E</OUI>
<ProductClass>FRITZ!Box</ProductClass>
<SerialNumber>**E0286DA5D216**</SerialNumber></DeviceId>
<Event soap-enc:arrayType="cwmp:EventStruct[1]">
<EventStruct>
<EventCode>6 CONNECTION REQUEST</EventCode>
<CommandKey></CommandKey></EventStruct></Event>
<MaxEnvelopes>1</MaxEnvelopes>
<CurrentTime>2022-06-03T09:15:47+02:00</CurrentTime>
<RetryCount>0</RetryCount>
<ParameterList soap-enc:arrayType="cwmp:ParameterValueStruct[8]">
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceSummary</Name>
<Value xsi:type="xsd:string">InternetGatewayDevice:1.4[](Baseline:2,
EthernetLAN:1, ADSLWAN:1,ADSL2WAN:1, Time:2, IPPing:1, WiFiLAN:2,
DeviceAssociation:1), VoiceService:1.0[2](SIPEndpoint:1, Endpoint:1,
TAEndpoint:1), StorageService:1.0[1](Baseline:1, FTPServer:1, NetServer:1,
HTTPServer:1, UserAccess:1, VolumeConfig:1)</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.HardwareVersion</Name>
<Value xsi:type="xsd:string">FRITZ!Box 7490</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.SoftwareVersion</Name>
<Value xsi:type="xsd:string">113.07.29</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.SpecVersion</Name>
<Value xsi:type="xsd:string">1.0</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.ProvisioningCode</Name>
<Value xsi:type="xsd:string"></Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.ManagementServer.ParameterKey</Name>
<Value xsi:type="xsd:string">222773369</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.ManagementServer.ConnectionRequestURL</Name>
<Value
xsi:type="xsd:string">http://217.61.198.65:8089/e550cfce7ef4e9b</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.WANDevice.1.WANConnectionDevice.1.WANPPPConnection.1.ExternalIPAddress</Name>
<Value
xsi:type="xsd:string">217.61.198.65</Value></ParameterValueStruct></ParameterList></cwmp:Inform></soap:Body></soap:Envelope>
---
event: outgoing HTTP response
timestamp: 2022-06-03T07:15:47.845Z
remoteAddress: "::ffff:192.168.62.139"
**deviceId: 00040E-FRITZ%21Box-E0286DA5D216**
connection: 2022-06-03T07:15:47.843Z
statusCode: 200
headers:
content-length: 524
server: GenieACS/1.2.7+20210922114407
soapserver: GenieACS/1.2.7+20210922114407
content-type: text/xml; charset="utf-8"
**set-cookie: session=e5a5248049467c00** --> set cookie on CPE E0286DA5D216
body: >-
<?xml version="1.0" encoding="UTF-8"?>
<soap-env:Envelope xmlns:soap-enc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cwmp="urn:dslforum-org:cwmp-1-0"><soap-env:Header><cwmp:ID
soap-env:mustUnderstand="1">8489</cwmp:ID></soap-env:Header><soap-env:Body><cwmp:InformResponse><MaxEnvelopes>1</MaxEnvelopes></cwmp:InformResponse></soap-env:Body></soap-env:Envelope>
---
event: incoming HTTP request
timestamp: 2022-06-03T07:15:47.871Z
remoteAddress: "::ffff:192.168.62.139"
deviceId: 00040E-FRITZ%21Box-E0286DA5D216
connection: 2022-06-03T07:15:47.843Z
localPort: 7547
method: POST
url: /tr069/
headers:
host: acs2.xxxxx.de:80
user-agent: AVM/113.07.29
content-length: "0"
**cookie: session=e5a5248049467c00** --> cookie was successfully set on CPE E0286DA5D216
x-forwarded-for: 217.61.198.65
x-forwarded-proto: http
accept-encoding: gzip
body: ""
---
event: outgoing HTTP response
timestamp: 2022-06-03T07:15:47.873Z
remoteAddress: "::ffff:192.168.62.139"
deviceId: 00040E-FRITZ%21Box-E0286DA5D216
connection: 2022-06-03T07:15:47.843Z
statusCode: 200
headers:
content-length: 599
server: GenieACS/1.2.7+20210922114407
soapserver: GenieACS/1.2.7+20210922114407
content-type: text/xml; charset="utf-8"
body: >-
<?xml version="1.0" encoding="UTF-8"?>
<soap-env:Envelope xmlns:soap-enc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:cwmp="urn:dslforum-org:cwmp-1-0"><soap-env:Header><cwmp:ID
soap-env:mustUnderstand="1">181286b94000000</cwmp:ID></soap-env:Header><soap-env:Body><cwmp:GetParameterNames><ParameterPath>InternetGatewayDevice.DeviceInfo.</ParameterPath><NextLevel>1</NextLevel></cwmp:GetParameterNames></soap-env:Body></soap-env:Envelope>
---
event: incoming HTTP request
timestamp: 2022-06-03T07:15:48.160Z
remoteAddress: "::ffff:192.168.62.139"
**deviceId: 00040E-FRITZ%21Box-E0286DA5D216**
connection: 2022-06-03T07:15:47.843Z
localPort: 7547
method: POST
url: /tr069/
headers:
host: acs2.xxxxxx.de:80
user-agent: AVM/113.07.29
content-length: "2495"
content-type: text/xml; charset="utf-8"
soapaction: "\"Inform\""
**x-forwarded-for: 185.205.124.114** **--> wrong PERIODIC is mapped to this session so session is now invalide**
x-forwarded-proto: http
accept-encoding: gzip
body: >-
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap-enc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:cwmp="urn:dslforum-org:cwmp-1-0">
<soap:Header>
<cwmp:ID soap:mustUnderstand="1">271</cwmp:ID></soap:Header>
<soap:Body>
<cwmp:Inform>
<DeviceId>
<Manufacturer>AVM</Manufacturer>
<OUI>00040E</OUI>
<ProductClass>FRITZ!Box</ProductClass>
<SerialNumber>E0286DA6C74C</SerialNumber></DeviceId>
<Event soap-enc:arrayType="cwmp:EventStruct[1]">
<EventStruct>
<EventCode>2 PERIODIC</EventCode>
<CommandKey></CommandKey></EventStruct></Event>
<MaxEnvelopes>1</MaxEnvelopes>
<CurrentTime>2022-06-03T09:15:48+02:00</CurrentTime>
<RetryCount>1</RetryCount>
<ParameterList soap-enc:arrayType="cwmp:ParameterValueStruct[8]">
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceSummary</Name>
<Value xsi:type="xsd:string">InternetGatewayDevice:1.4[](Baseline:2,
EthernetLAN:1, ADSLWAN:1,ADSL2WAN:1, Time:2, IPPing:1, WiFiLAN:2,
DeviceAssociation:1), VoiceService:1.0[2](SIPEndpoint:1, Endpoint:1,
TAEndpoint:1), StorageService:1.0[1](Baseline:1, FTPServer:1, NetServer:1,
HTTPServer:1, UserAccess:1, VolumeConfig:1)</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.HardwareVersion</Name>
<Value xsi:type="xsd:string">FRITZ!Box 7490</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.SoftwareVersion</Name>
<Value xsi:type="xsd:string">113.07.29</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.SpecVersion</Name>
<Value xsi:type="xsd:string">1.0</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.DeviceInfo.ProvisioningCode</Name>
<Value xsi:type="xsd:string">12553</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.ManagementServer.ParameterKey</Name>
<Value xsi:type="xsd:string"></Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.ManagementServer.ConnectionRequestURL</Name>
<Value
xsi:type="xsd:string">http://185.205.124.114:8089/ec7d210e6a2cb97</Value></ParameterValueStruct>
<ParameterValueStruct>
<Name>InternetGatewayDevice.WANDevice.1.WANConnectionDevice.1.WANPPPConnection.1.ExternalIPAddress</Name>
<Value
xsi:type="xsd:string">185.205.124.114</Value></ParameterValueStruct></ParameterList></cwmp:Inform></soap:Body></soap:Envelope>
---
event: outgoing HTTP response
timestamp: 2022-06-03T07:15:48.161Z
remoteAddress: "::ffff:192.168.62.139"
deviceId: 00040E-FRITZ%21Box-E0286DA5D216
connection: 2022-06-03T07:15:47.843Z
statusCode: 400
headers:
content-length: 15
connection: close
body: Invalid session
Thank you in advance,
Sven