I followed your suggested similar issue and review our internal traffic because we have a similar infrastructure (F5 Load Balancer with Gluu and External LDAP authenticator).
1. I can see the first step is right. I mean, I can see traffic for LDAP validation between Gluu and my LDAP Server, and the user can access.
2. In this second step, in the moment when the user should receive the screen for 2FA, this screens not appears and the user can't login and gets screenshot picture link
3. Only restarting IDP service solves the problem.
Anymore for investigate from our side you think?