cancel
Showing results for 
Search instead for 
Did you mean: 

Enabling Host Checker for vpn tunneling only

Ric
New Contributor

Enabling Host Checker for vpn tunneling only

Good Afternoon:

 

I would like to solicit some suggestions for enabling Host Checker connections for connections that use the Pulse Secure Client only.

I have users that access the portal page (No client involved) to access Services where the Host Checker is not required.

I think I can do this through User Roles but I'm struggling with the identifying a VPN Tunnel.

 

Thanks

 

3 REPLIES 3
Moderator
Moderator

Re: Enabling Host Checker for vpn tunneling only

Yes, we can apply host checker restrictions to the user role which will be assigned to Pulse client users. However, we can't have both roles (role for web VPN & role for VPN tunnel) mapped to the same realm, as it will trigger host checker for both users.

To avoid this we can create two realms ( one for web users and other for pulse client users), enable DENY based browser based restrictions with Browser string *Pulse-Secure* (including * sign) on the web VPN user realm and ALLOW browser restrictions on VPN tunnel user realm, and map those two realms to a sign-in URL....

OR... create two sign-in URLs (for web VPN and Pulse client users) to map those realms and give different URLs to the users.
Pulse Connect Secure Certified Expert
Moderator

Re: Enabling Host Checker for vpn tunneling only

to add to what @Ray said, are you wanting to do host checking validation for machines that are creating a VPN tunnel OR are you wanting to do host checking based on resource access over the VPN tunnel?
Ric
New Contributor

Re: Enabling Host Checker for vpn tunneling only

Thanks for the ideas Ray and Zanterp. I'll apply these thoughts in our POC environment.

Great question about resource acess over a tunnel. Yes this would be the case most of the time.