Solved: Re: Junos Pulse Connection Problem: The server doe...

Colin G._ · ‎04-06-2011

I'm trying to use the iPhone app, Junos Pulse Version 2.0.3.9161, to connected to my company VPN.

From my laptop, I use the Juniper Networks product, Juniper Network Connect Version 7.0.0.16899.

We use a fixed password and an RSA SecurID token generated password along with a user name to authenticate.

Network Connect loads the company VPN log-in page where the credentials are entered.

In the Junos Pulse app, I created a configuration with the URL of the company VPN server (the same one used by Network Connect). I don't have a digital certificate on the device because it's my personal phone and not a company resource, so I left the "Certificate" option as "None". When I attempt to connect, I am taken (in the Junos Pulse app) to the company log-in web interface where I enter all the appropriate credentials. When I attempt to log-in however, I receive a "Connection Error" specifiying that "The server disallowed the connection".

Digging deeper into the log for the app, I see the following:

info PROCESSING URL: https://rcconnect.rockwellcollins.com/dana/home/starter0.cgi?check=yes (LoginManager.m:885)
info LoginManager:: Trying VPN connection ... (Logger.m:92)
info LoginManager:: Starting VPN. (Logger.m:92)
info VPNManager:: Start tunnel. (VPNManager.m:149)
info Connection status changed to Connecting (SSLVPNControllerImpl.m:620)
info Adding cookie DSID to request for https://rcconnect.rockwellcollins.com/dana/home/am_params.cgi?am=nc (ConfigurationController.m:724)
error The server does not allow this access method (SSLVPNControllerImpl.m:334)
info Connection status changed to Disconnected (SSLVPNControllerImpl.m:620)
info LoginManager:: VPN disconnected. (Logger.m:92)

Does anyone know what I'm missing here?

zanyterp_ · ‎06-02-2011

On the admin console, go to Users>User Roles>roleNameForiPhone>General, Options and make sure Network Connect is enabled.

Create at least a Network Connect Connection profile at Users>Resource Policies>Network Connect>NC Connection Profiles to define the IP address for the role(s) to use

View solution in original post

serchend_ · ‎04-15-2011

Did you find a solution to this as I am having the same problem?

zanyterp_ · ‎04-22-2011

Has your IT dept confirmed you have access to be able to do this through an iOS device?

It is possible for this to be restricted on the SA server configuration.

When you connect from your desktop, do you need to provide a certificate or pass Host Checker?

s.st86_ · ‎05-02-2011

Hello everyone,

same problem as Colin G. mentioned. Login Screen appears in the Junos App, but after I try to connect with user and password I get an error message (same Log error)

With Iphone/Ipad Safari Browser it works fine. Has anyboy find a solution for this?

zanyterp_ · ‎05-02-2011

Are you able to confirm that Network Connect is allowed for the role you are using?

What does the user access/event log show for the time stamp of failure?

What is the IVE OS version you are using (Pulse is supported on 6.4/6.5 and later)?

Are there any additional restrictions on the realm/role that you might not be passing?

What does a policy trace of your login event show?

s.st86_ · ‎05-03-2011

Thank you so much zanyterp, network connect wasn«t allowed for the role i«m using! Now it works fine! The curious thing is that we tested on android phone without the network connect role assigned and it works anyway...

zanyterp_ · ‎05-03-2011

You are welcome. s.sts86; glad that worked.

I believe that is because Pulse on Android does not support L3 VPN (so does not require Network Connect but only login access); whereas Pulse on iOS is expecting to create a full VPN tunnel and requires Network Connect.

Colin G._ · ‎06-02-2011

s.st86

How did you either allow network connect for your role or change the role you were using to get Junos Pulse to connect from your iPhone?

zanyterp_ · ‎06-02-2011

On the admin console, go to Users>User Roles>roleNameForiPhone>General, Options and make sure Network Connect is enabled.

Create at least a Network Connect Connection profile at Users>Resource Policies>Network Connect>NC Connection Profiles to define the IP address for the role(s) to use

Colin G._ · ‎06-02-2011

I'm guessing these steps to take from the admin console are steps that would have to be taken in some back-end server for my company's VPN? I'm just a network user with an iPhone.

Junos Pulse Connection Problem: The server does not allow this access method

Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method

Re: Junos Pulse Connection Problem: The server does not allow this access method