Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Apple iPAD and iPhone Support

SOLVED
Go to solution
kenlars_
Super Contributor
‎02-10-2012 05:13:AM
‎02-10-2012 05:13:AM

Re: Apple iPAD and iPhone Support

Could I suggest that people stop adding onto this thread and start new ones for what are clearly different questions? There is a lot of good information in this thread which is a little lost because the subject of the thread is so broad. For example, if the last few posts had been under a subject heading of "Using Certificates for iOS Device Authentication", I bet more people would have seen the conversation and added to it (or learned from it).

Ken

0 Kudos
msimard_
Occasional Contributor
‎02-10-2012 08:01:AM
‎02-10-2012 08:01:AM

Re: Apple iPAD and iPhone Support

Yes you are right. I will start a new thread for this particular topic. I had a very good debugging session with support and found new info in the apple documentation. I think it may help others. Stay tuned....

thanks

0 Kudos
michael.saw_
Regular Contributor
‎03-15-2012 09:32:PM
‎03-15-2012 09:32:PM

Re: Apple iPAD and iPhone Support

Can we have some links to the threads so that we can follow-up on?
Smiley Very Happy
0 Kudos
haas_
Contributor
‎05-04-2012 01:20:PM
‎05-04-2012 01:20:PM

Re: Apple iPAD and iPhone Support

Anyone know if the pulse client has added a new user-agent string with the release of 3.2.0.20175? Clients break immediatly when moving to this client. If I remove the browser restriction they get right in. Gotta be a new string. Now if I could just figure out what it is?!?!

0 Kudos
kenlars_
Super Contributor
‎05-04-2012 01:58:PM
‎05-04-2012 01:58:PM

Re: Apple iPAD and iPhone Support

Can't you get it by running a policy trace for pre-authentication and authentication?

Ken

0 Kudos
zanyterp_
Respected Contributor
‎05-07-2012 08:49:PM
‎05-07-2012 08:49:PM

Re: Apple iPAD and iPhone Support

@haas wrote:

Anyone know if the pulse client has added a new user-agent string with the release of 3.2.0.20175? Clients break immediatly when moving to this client. If I remove the browser restriction they get right in. Gotta be a new string. Now if I could just figure out what it is?!?!


yes, it has. it is now JunosPulse(version...); i will post the kb i am working on this here once it is published

0 Kudos
haas_
Contributor
‎05-10-2012 10:47:AM
‎05-10-2012 10:47:AM

Re: Apple iPAD and iPhone Support

I changed it to the following and it seemed to resolve the issue.

*iPad*

*Iphone*

*iPod*

Also added android 4.X acces *Android*

Life is good again.

0 Kudos
mattspierce_
Frequent Contributor
‎05-16-2012 03:12:PM
‎05-16-2012 03:12:PM

Re: Apple iPAD and iPhone Support

Has there been any update? I have a user who is not able to stay connected from an iPhone. The client connects and then immediatly disconnects. I've had the user remove the profile and re add it. I've checked realm and role restrictions and I'm not enforcing browser strings. I've checked the role and Junos Pulse is not enabled.

My gateway is an SA4500 running 7.2.1r1

Client is:

iOS 5.1

Junos pulse 3.2

Log shows a successful login followed by a log out.

InfoAUT226732012-05-16 17:00:05 - j4500-b1cr - [166.147.115.243] anjohnso(Pulse_Mobile)[Users-NC-Client] - Logout from 166.147.115.243 (session:357e104c)
InfoAUT226702012-05-16 17:00:04 - j4500-b1cr - [166.147.115.243] anjohnso(Pulse_Mobile)[Users-NC-Client] - Login succeeded for anjohnso/Pulse_Mobile (session:357e104c) from 166.147.115.243.
InfoAUT243262012-05-16 17:00:04 - j4500-b1cr - [166.147.115.243] anjohnso(Pulse_Mobile)[] - Primary authentication successful for anjohnso/rsa-srv6 from 166.147.115.243
InfoAUT232782012-05-16 17:00:02 - j4500-b1cr - [166.147.115.243] anjohnso(Pulse_Mobile)[] - User Limit realm restrictions successfully passed for anjohnso/Pulse_Mobile

policy trace shows the login and role map are all successfull.

InfoPTR102122012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Mapped to roles Users-NC-Client by rule 'user = '*''
InfoPTR102132012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Role mapping stopped by Stop rule
InfoPTR102052012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Realm Pulse_Mobile mapped user anjohnso to roles Users-NC-Client
InfoPTR233532012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Role restrictions successfully passed for roles: Users-NC-Client
InfoPTR233622012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[Users-NC-Client] - Sign-in successful, creating session
InfoPTR233632012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[Users-NC-Client] - Session created, redirecting user to start page. Sign-in done.
InfoPTR245592012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[Users-NC-Client] - Automatically redirected from page "login" to the next start page "/dana/home/starter0.cgi?check=yes" before starting the session.
0 Kudos
kenlars_
Super Contributor
‎05-16-2012 04:40:PM
‎05-16-2012 04:40:PM

Re: Apple iPAD and iPhone Support

What I find curious is that there is no message concerning the start of Network Connect and the assignment of an IP address. I wonder if the session is logging out because no Network Connect session is started. You might look at your role and the associate NC connection profile.

Ken

0 Kudos
zanyterp_
Respected Contributor
‎05-16-2012 07:00:PM
‎05-16-2012 07:00:PM

Re: Apple iPAD and iPhone Support

@mattspierce wrote:

Has there been any update?  I have a user who is not able to stay connected from an iPhone.  The client connects and then immediatly disconnects.  I've had the user remove the profile and re add it.  I've checked realm and role restrictions and I'm not enforcing browser strings.  I've checked the role and Junos Pulse is not enabled.

 

My gateway is an SA4500 running 7.2.1r1

 

Client is:

iOS 5.1

Junos pulse 3.2

 

Log shows a successful login followed by a log out.

Info AUT22673 2012-05-16 17:00:05 - j4500-b1cr - [166.147.115.243anjohnso(Pulse_Mobile)[Users-NC-Client] - Logout from 166.147.115.243 (session:357e104c)
Info AUT22670 2012-05-16 17:00:04 - j4500-b1cr - [166.147.115.243anjohnso(Pulse_Mobile)[Users-NC-Client] - Login succeeded for anjohnso/Pulse_Mobile (session:357e104c) from 166.147.115.243.
Info AUT24326 2012-05-16 17:00:04 - j4500-b1cr - [166.147.115.243anjohnso(Pulse_Mobile)[] - Primary authentication successful for anjohnso/rsa-srv6 from 166.147.115.243
Info AUT23278 2012-05-16 17:00:02 - j4500-b1cr - [166.147.115.243anjohnso(Pulse_Mobile)[] - User Limit realm restrictions successfully passed for anjohnso/Pulse_Mobile

 

policy trace shows the login and role map are all successfull.

 

Info PTR10212 2012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Mapped to roles Users-NC-Client by rule 'user = '*''
Info PTR10213 2012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Role mapping stopped by Stop rule
Info PTR10205 2012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Realm Pulse_Mobile mapped user anjohnso to roles Users-NC-Client
Info PTR23353 2012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[] - Role restrictions successfully passed for roles: Users-NC-Client
Info PTR23362 2012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[Users-NC-Client] - Sign-in successful, creating session
Info PTR23363 2012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[Users-NC-Client] - Session created, redirecting user to start page. Sign-in done.
Info PTR24559 2012/05/16 17:00:04 - j4500-b1cr - [166.147.115.243] - anjohnso(Pulse_Mobile)[Users-NC-Client] - Automatically redirected from page "login" to the next start page "/dana/home/starter0.cgi?check=yes" before starting the session.

do you have the web option enabled? if yes, can you disable it and test again? does the user connect successfully on different roles?

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.