MAG - Junos Pulse IOS Cert Authentication strange behaviour

apezuela_
Not applicable

Hi,

 We are using certificate authentication in our SSL VPN, and on the client side we are using iPad/iPhone devices with Junos Pulse (we made the iPhone configuration with IPCU).

 
 If we launch the VPN from Safari, it works well (it launched Junos Pulse in backplane), but when we launch the VPN from Junos Pulse, it does not work (Error: wrong certificate).

It seems like when you are using Junos Pulse, it cannot identify a username.


 If I look at the MAG user events when we are using Safari, we get the following logs:

Info    AUT22670
2014-02-28 10:58:43 - CZASSL02 - [79.156.50.158] EXT92250(mobility)[mobility] - Login succeeded for EXT92250/mobility (session:00000000) from 79.156.50.158.
Info    AUT24326
2014-02-28 10:58:43 - CZASSL02 - [79.156.50.158] EXT92250(mobility)[] - Primary authentication successful for EXT92250/Enagas_CA from 79.156.50.158
Info    AUT30970
2014-02-28 10:58:43 - CZASSL02 - [79.156.50.158] System(mobility)[] - The X.509 certificate for 'CN=******-emisora-1, DC=******, DC=ES' issued by CN=******-policy-ca, DC=Enagas S.A., DC=ES, successfully passed CRL checking
Info    AUT30972
2014-02-28 10:58:43 - CZASSL02 - [79.156.50.158] System(mobility)[] - CRL checking started for certificate 'CN=E******-emisora-1, DC=******, DC=ES' issued by CN=******-policy-ca, DC=****** S.A., DC=ES
Info    AUT30970
2014-02-28 10:58:43 - CZASSL02 - [79.156.50.158] System(mobility)[] - The X.509 certificate for 'CN=EXT92250, O=****** SA, L=MADRID, ST=ESPA\C3\91A, C=ES' issued by CN=******-emisora-1, DC=******, DC=ES, successfully passed CRL checking
Info    AUT30972
2014-02-28 10:58:43 - CZASSL02 - [79.156.50.158] System(mobility)[] - CRL checking started for certificate 'CN=EXT92250, O=****** SA, L=MADRID, ST=ESPA\C3\91A, C=ES' issued by CN=******-emisora-1, DC=******, DC=ES
Info    CRT30663
2014-02-28 10:58:43 - CZASSL02 - [79.156.50.158] System()[] - client certificate received: -----BEGIN CERTIFICATE-----MIIDFDCCAn2gAwIBAgIKW5NS0AACAAAFmzANBgkqhkiG9w0BAQUFADBHMRIwEAYKCZImiZPyLGQBGRYCRVMxFjAUBgoJkiaJk/IsZAEZFgZFbmFnYXMxGTAXBgNVBAMTEEVuYWdhcy1lbWlzb3JhLTEwHhcNMTExMTE1MTExMzIxWhcNMTQxMTE1MTEyMzIxWjBXMQswCQYDVQQGEwJFUzEQMA4GA1UECAwHRVNQQcORQTEPMA0GA1UEBxMGTUFEUklEMRIwEAYDVQQKEwlFTkFHQVMgU0ExETAPBgNVBAMTCEVYVDkyMjUwMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/tdoM1NoYbyGPmvlt5DH+qZjF52de1KfJnAVvO551wuYuLBK/e8nMM95sJCmlhCmXUbrGZJXN+DHANtJZ3NLII7b.......................-----END CERTIFICATE-----
Info   

 If I look at the MAG user events when we are using Junos Pulse, we get the following logs:

Info    AUT23457
2014-02-28 10:54:36 - CZASSL02 - [79.156.50.158] System(mobility)[] - Login failed using auth server Enagas_CA (Certificate Server). Reason: Wrong Certificate
Info    AUT24327
2014-02-28 10:54:36 - CZASSL02 - [79.156.50.158] System(mobility)[] - Primary authentication failed for /******_CA from 79.156.50.158
Info    AUT30970
2014-02-28 10:54:36 - CZASSL02 - [79.156.50.158] System(mobility)[] - The X.509 certificate for 'CN=******-emisora-1, DC=******, DC=ES' issued by CN=******-policy-ca, DC=******S.A., DC=ES, successfully passed CRL checking
Info    AUT30972
2014-02-28 10:54:36 - CZASSL02 - [79.156.50.158] System(mobility)[] - CRL checking started for certificate 'CN=******-emisora-1, DC=******, DC=ES' issued by CN=******-policy-ca, DC=****** S.A., DC=ES
Info    AUT30970
2014-02-28 10:54:36 - CZASSL02 - [79.156.50.158] System(mobility)[] - The X.509 certificate for 'CN=******, O=****** SA, L=MADRID, ST=ESPA\C3\91A, C=ES' issued by CN=******-emisora-1, DC=******, DC=ES, successfully passed CRL checking
Info    AUT30972
2014-02-28 10:54:36 - CZASSL02 - [79.156.50.158] System(mobility)[] - CRL checking started for certificate 'CN=******, O=****** SA, L=MADRID, ST=ESPA\C3\91A, C=ES' issued by CN=******-emisora-1, DC=******, DC=ES
Info    CRT30663
2014-02-28 10:54:36 - CZASSL02 - [79.156.50.158] System()[] - client certificate received: -----BEGIN CERTIFICATE-----MIIDFDCCAn2gAwIBAgIKW5NS0AACAAAFmzANBgkqhkiG9w0BAQUFADBHMRIwEAYKCZImiZPyLGQBGRYCRVMxFjAUBgoJkiaJk/IsZAEZFgZFbmFnYXMxGTAXBgNVBAMTEEVuYWdhcy1lbWlzb3JhLTEwHhcNMTExMTE1MTExMzIxWhcNMTQxMTE1MTEyMzIxWjBXMQswCQYDVQQGEwJFUzEQMA4GA1UECAwHRVNQQcORQTEPMA0GA1UEBxMGTUFEUklEMRIwEAYDVQQKEwlFTkFHQVMgU0ExETAPBgNVBAMTCEVYVDkyMjUwMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/tdoM1NoYbyGPmvlt5DH+qZjF52de1KfJnAVvO551wuYuLBK/e8nMM95sJCmlhCmXUbrGZJXN+DHANtJZ3NLII7b.....-----END CERTIFICATE-----
Info

Kita_
Valued Contributor

Re: MAG - Junos Pulse IOS Cert Authentication strange behaviour

Do you have the complete chain installed under "Trusted Client CAs"?  If the same client certificate is being provided in both scenarios, the only other potential issue is how the SA/MAG is evaluating the certificate chain causing the failure.

Do you have a case open for this issue?  Ideally, JTAC will need to review a system snapshot with certificate event codes to confirm this theory.
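
The pattern in the two excerpts above (the chain passes CRL checking, yet the failed attempt carries an empty username before the auth server name) can be extracted from a user-access log export mechanically. This is an added example, not part of the original thread or any vendor tooling; the sample lines are constructed in the layout of the excerpts, and the function and field names are hypothetical.

```python
import re

# Constructed sample in the layout of the log excerpts above (all values are made up).
SAMPLE = """\
Info    AUT24326
2014-02-28 10:58:43 - VPNGW01 - [192.0.2.10] user01(mobility)[] - Primary authentication successful for user01/Example_CA from 192.0.2.10
Info    AUT30970
2014-02-28 10:58:43 - VPNGW01 - [192.0.2.10] System(mobility)[] - The X.509 certificate for 'CN=user01, O=Example SA, C=ES' issued by CN=example-issuing-1, DC=example, DC=ES, successfully passed CRL checking
Info    AUT24327
2014-02-28 10:54:36 - VPNGW01 - [192.0.2.10] System(mobility)[] - Primary authentication failed for /Example_CA from 192.0.2.10
Info    AUT30970
2014-02-28 10:54:36 - VPNGW01 - [192.0.2.10] System(mobility)[] - The X.509 certificate for 'CN=user01, O=Example SA, C=ES' issued by CN=example-issuing-1, DC=example, DC=ES, successfully passed CRL checking
"""

CODE_RE = re.compile(r"^\w+\s+([A-Z]{3}\d+)\s*$")
MSG_RE = re.compile(r"^(\S+ \S+) - \S+ - \[([^\]]+)\] [^(]*\(([^)]*)\)\[[^\]]*\] - (.*)$")
AUTH_RE = re.compile(r"Primary authentication (successful|failed) for ([^/]*)/(\S+) from")
CRL_OK_RE = re.compile(r"certificate for '([^']+)'.*successfully passed CRL checking")

def parse_events(text):
    """Pair each 'severity code' line with the message line that follows it."""
    events, code = [], None
    for line in text.splitlines():
        if m := CODE_RE.match(line):
            code = m.group(1)
            continue
        m = MSG_RE.match(line)
        if m and code:
            events.append(dict(zip(("ts", "ip", "realm", "msg"), m.groups()), code=code))
            code = None
    return events

def summarize(events):
    """Group events by (timestamp, source IP) and report the outcome of each attempt."""
    attempts = {}
    for e in events:
        a = attempts.setdefault((e["ts"], e["ip"]),
                                {"outcome": None, "username": None, "crl_passed": []})
        if m := AUTH_RE.search(e["msg"]):
            a["outcome"], a["username"] = m.group(1), m.group(2)
        if m := CRL_OK_RE.search(e["msg"]):
            a["crl_passed"].append(m.group(1))
    for a in attempts.values():
        # Revocation checks passed, but no username was derived for the session.
        a["no_user_mapped"] = (a["outcome"] == "failed" and a["username"] == ""
                               and bool(a["crl_passed"]))
    return attempts

if __name__ == "__main__":
    print(summarize(parse_events(SAMPLE)))
```
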