I need help. I am trying to run Junos Pulse on iPad to access network behind SA 700. We use Network Connect for our PC VPN connections to our office and that works correctly. We have an internal DNS server. When I connect to our VPN using Network connect from a pc I can access internal resources. Network connect is setup without split tunnel.
If I use Junos Pulse, from a pc or ipad, I connect using the same authentication (username and Password against AD). I am able to access the resources bookmarked on the Junos Pulse client (sharepoint, owa) but if I try to go to an internal server I don't have access and DNS is not responding. It does not seem to matter if I have Split Tunnel enabled or not.
I keep looking over all the settings on my SA 700 and I don't see why my Network Connect Client works and my Pulse client does not. Both connect / authenticate.
If you can steer me in the right direction, I would appreciate the help.
What version of the IVE OS are you running? Junos Pulse is supported starting with 7.1, however if I remember correctly, I believe SA 700 is not able to upgrade past 6.4 or 6.5. I will need to double check.
Thank you for your response.
I am running 7.1R4.1 (build 19525) I just upgraded yesterday from 7.1R2 have not checked to see if that made any difference.
Your resource profiles will also specify whether they use Network connect or Junos Pulse as the method. So you need to make sure the role mapping works the way you need it to for the users that will connect using pulse hit a pulse based resource and not a network connect one.
If there is actual dual usage you may have to have them pick a role at login. Or setup a different url for the pulse connections to hit.
I would make sure you have the role set to Junos Pulse, not Network Connect. I've seen issue in the past if it is set Network Connect and you are connecting with Junos Pulse. Also, I would check the user access logs to see if the tunnel is getting created successfully on the SA side.
Do you know if the VPN icon is on with Junos Pulse when you sign in?
With the Pulse mobile clients they need to be connecting to a role that has network connect. Seems odd, but its in the docuemntation. You also may want to lookup the kb entries on the pulse mobile client. There is a custom signin page that imporves the users login experience.