Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Critical problem with SSL VPN cluster with users switching between SA devices

GiantYank_
Occasional Contributor
‎11-23-2011 02:14:PM
‎11-23-2011 02:14:PM

Re: Critical problem with SSL VPN cluster with users switching between SA devices

Juniper believes that this is a configuration issue. We have the user IP pools separated via the Network Connect Connection Profiles for each device in the cluster. However, they say that because it is a cluster one device can and does use the user pool from the other device unless we set up Network Connect IP Address filters per device. That way the only IP Pool used for the member of the cluster will be what you set in the filter.

Implementation Steps:

To add filters, perform the following steps on the primary cluster member:

1) Login
2) Click "Network" in left-navigation pane
3) Click "Network Connect" tab
4) Pick a cluster member from the drop-down "Settings for:" and click update.
5) Set the filter you would like to apply for this particular cluster member.

We just implemented this and will check going forward if it has the desired affect.

0 Kudos
GiantYank_
Occasional Contributor
‎11-23-2011 02:17:PM
‎11-23-2011 02:17:PM

Re: Critical problem with SSL VPN cluster with users switching between SA devices

My last post did not take... Trying again...

Juniper says that we have to set Network Connect IP Address filters per device.

Currently the cluster is set with each device having its own Network Connect Connection Profile and separate users pools are assigned to each device via the NC Connection Profile. Juniper says that because this is a cluster, one member can and does grab IP pools from another member and that is what is causing the changing of IP address and "moving" of users from one box to another.

Implementation Steps:

To add filters, perform the following steps on the primary cluster member:

1) Login
2) Click "Network" in left-navigation pane
3) Click "Network Connect" tab
4) Pick a cluster member from the drop-down "Settings for:" and click update.
5) Set the filter below you would like to apply for this particular cluster member.

We just implemented this and will monitor.

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.