Is there a way to see which connections from a NetworkConnect client are blocked by the NetworkConnect Access Policies (ACL)? I expect this to show up in the User Access log but it doesn't.
I would like to know when a user makes a connection to host:<port> but it's blocked per the NC ACL.
Thanks!
In earlier versions of IVE (pre 6.1 I think) there used to be a network connect user log which could be optionally enabled for precisely this reason, under dire warnings of potential performance problems caused by logging these packets. For reasons that were never explained it was dropped. This now makes troubleshooting NC incredibly difficult especially when dealing with "messy" protocols such as Windows Domain auth and SMB which make random connections all over the place.
Whilst it is possible to do client-side logging, it doesn't do per-packet logging.
Not ideal, but the best solution I have is to install Wireshark or similar on a test PC, capture on the network connect interface and look for unreturned TCP SYNs/retransmits from the client PCs. This is incredibly labour intensive compared to looking for a "deny" in an event log and adding that destination/port to the ACL.
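The capture review described in the answer above can be partly automated. The following is an added example, not part of the original posts: it groups SYNs that never received a SYN-ACK by destination host:port. The tshark invocation in the comment, the file name `nc.pcap`, and all addresses are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: tab-separated rows as produced by (assumed invocation)
#   tshark -r nc.pcap -Y "tcp.flags.syn==1" -T fields \
#     -e ip.src -e tcp.srcport -e ip.dst -e tcp.dstport -e tcp.flags.ack
# Addresses are constructed; 10.200.0.5 stands in for the NC client address.
SAMPLE = """\
10.200.0.5\t49152\t10.1.1.10\t445\t0
10.1.1.10\t445\t10.200.0.5\t49152\t1
10.200.0.5\t49153\t10.1.1.20\t88\t0
10.200.0.5\t49153\t10.1.1.20\t88\t0
10.200.0.5\t49153\t10.1.1.20\t88\t0
10.200.0.5\t49154\t10.1.1.30\t135\tFalse
10.200.0.5\t49155\t10.1.1.30\t135\tFalse
"""

def is_set(flag):
    # tshark prints boolean fields as 1/0 or True/False depending on version
    return flag.strip().lower() in ("1", "true")

def unanswered_syns(rows):
    """Return {(dst_ip, dst_port): (flows, syn_packets)} for SYNs with no SYN-ACK."""
    syns = defaultdict(int)  # (src, sport, dst, dport) -> SYN count incl. retransmits
    answered = set()
    for line in rows.splitlines():
        parts = line.split("\t")
        if len(parts) != 5:
            continue  # skip blank or malformed rows
        src, sport, dst, dport, ack = parts
        if is_set(ack):
            # SYN-ACK seen: mark the reverse-direction flow as answered
            answered.add((dst, dport, src, sport))
        else:
            syns[(src, sport, dst, dport)] += 1
    result = defaultdict(lambda: [0, 0])
    for flow, count in syns.items():
        if flow not in answered:
            entry = result[(flow[2], int(flow[3]))]
            entry[0] += 1      # distinct client flows to this destination
            entry[1] += count  # total SYN packets, retransmits included
    return {k: tuple(v) for k, v in result.items()}

if __name__ == "__main__":
    for (ip, port), (flows, pkts) in sorted(unanswered_syns(SAMPLE).items()):
        print(f"{ip}:{port}  flows={flows} syns={pkts}")
```

An unanswered SYN only marks a candidate: a host that is down or a service that is not listening silently looks the same in the capture, so confirm each destination against the NC ACL before changing it.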