I am unable to get split tunneling setup and working with my iOS clients. Although it is enabled and I have my split tunneling networks configured, I cannot access the internet using the safari browser when Junos Pulse is connected.
Has anyone else seen this and is there a fix?
I came across the same issue and vaguely recall this being mentioned in the release notes as a known issue. I've been routing all the iPad traffic through the SA and back hauling the internet. Let me know if you come across a fix.
That is what i am afraid of as being the issue. I opened a case with JTAC so hopefully will have an anwser. I will post it.
I«m currently testing Junos Pulse on iOS with an iPad (4.3.1) and an iPhone (4.3) and have no problem to get split tunneling working (SA 4500 running 7.0R4)
I«ve configured split tunneling to route all traffic for internal addresses (172.16.0.0/16) to the SA.
In the network access policy I«ve allowed RDP and HTTP to an internal MS Exchange Testserver ...and everything works like it should. On both iOS devices I can use OWA, ActiveSync and Remote Desktop to the internal server while being able to surf the internet.
Maybe we can compare our settings to find what«s going wrong.
My split tunneling rule is similar to your in that I send my internal traffic to the SA. I also have a rule to lock down what users can access by the IP of the servers and the ports for added security.
The only way split tunneling would work is if I send all http traffic back through the SA and disabled split tunneling. Any other configuration would not allow the iPad users to connect to external websites using Safari. JTAC is still looking into the issue.
Hmmm...because of your posting I«ve just done some sniffing with TCPDUMP.
And the only traffic I can see is the one destined to the internal network. Everything like it should.
So I«m really interested in what JTAC will say.