I know this is a really old thread, but I’ve just had the exact same issue and fixed it by adding this to application/config/concrete.php
<?php
return array(
'security' => array(
'session' => array(
'invalidate_on_ip_mismatch' => false,
),
),
);Though it would be useful to add here for anyone else having the same problem.