I will try setting cookies from session.cgi

That won't work, because there are no new HTTP requests between the call to session.cgi and the other scripts. You can only access the session in all those scripts if the user already has a cookie.

Your application sounds if it's hight time to switch to a decent template system (and perhaps a MVC framework) instead of HTML pages intermingled with SSI. I built pages like that (HTML + lots of SSI) in the past, and I found that the complexity of passing information around outweighs the seemingly simplicity that it offers at first.

Your question demonstrates that HTML+SSI isn't very flexible when used like this, and it's really painful to extend and scale inflexible systems.