We have a user who can connect to our VPN using Pulse Secure for android, and the Network connect (Java) application for windows. There is a Mac version of the product which they have installed, however it does not permit them to sign-in.
The message displayed is: Only administrators can sign on.
I have checked and they are set as an administrator on the Mac, the version is Mac OSX 10.
Please can anyone help with why this doesn't work on the Mac and what we need to do - it works correctly when accessed via the other platforms. I presume this is a client setup issue, but i cannot find any indication of what is required - beyond the user being an 'Admin' on the mac.
If the error on Pulse client reads "Only administrators can sign on" then the issue is because this user is trying to access the administrative realm of the PCS gateway device rather than the end-user realm. It has nothing to do with privileges on the MAC machine
I'm not sure how your box is setup however one possibility is user is trying to access https://pcs-gateway-hostname/admin which leads to the admin realm in a typical setup or someone mistakenly added the admin realm to the end-user login URL
Thanks for the reply, I've checked the URL that is entered. It's the same as on a working android installation. When you say the PCS gateway device, could you explain what you mean. Are you describing something on the network?
The same user is able to login from Windows & Android using the same username & password? What version of macOS is being used; if you are using 10.9 or higher, Network Connect will not work and requires the use of the Pulse Desktop client. When you do a policy trace on the appliance, the VPN gateway (PCS gateway, as ruc referred to it), what does the error show? Are other users able to login at the same time as this user fails to login?
Thanks for your reply. In answer to your question, yes same username and same password. Works on android and doesn't on macOs 10.9 (Mavericks). We downloaded the client from the pulse secure website (the DMG file). Can't remember the exact name of the product but it runs happily enough on macOs. As to the logs on the server side, could you please provide where these could be looked into. I'll need to direct the third-party supplier on where to look.
If there is a link to the product we should be using, would you mind sharing it? Currently we've use this: http://trial.pulsesecure.net/clients/q2_2017.md5
Sorry to add more noise to this discussion; it appears to not be limited to Mac OS installations. I've just installed the 64bit Pulse Secure client; see link below, and this presents the same message. No prompt for a user name is given; and i can sign-in via the web-interface.
This sounds like a config issue where you are connecting to an admin realm instead of user realm. hint: Carefully compare the host and URL details you entered between the android client and MAC client.
If this does not help its best you involve the party that manages the PCS VPN gateway device (the server that you are connecting to from your pulse client)