Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Peer-to-Peer communication over NC/Pulse

dfex_
Occasional Contributor
‎05-22-2011 09:53:PM
‎05-22-2011 09:53:PM

Peer-to-Peer communication over NC/Pulse

Hi All,

Has anyone had any success in allowing two NC (or Pulse) Clients to talk to each other via the Secure Access?

I have a need for teleworkers to be able to call each other on soft phones. I've tried including the VPN Client address range in the split-tunneling options (for traffic to send down the tunnel), but this doesn't seem to work.

Currently my work-around is to configure the PABX to force all traffic from my remote user network region to be hair-pinned back to the media gateway, but this will not work for point-to-point video calls.

If anyone from Juniper is reading this, consider this post an enhancement request : )

Cheers,

Ben

0 Kudos
Reply
5 REPLIES 5
kenlars_
Super Contributor
‎05-23-2011 03:00:PM
‎05-23-2011 03:00:PM

Re: Peer-to-Peer communication over NC/Pulse

Good question! I've noticed this, too. I've never tested to see if it happens only to sessions in the same subnet or it happens with any two sessions on the same machine.

Also, I've noticed that you cannot establish an administrative session to a device you are tunneled to, even if you do so through a different interface and different DNS name. I think a ping to the device also fails.

I've never understood either of these phenomena.

Ken

0 Kudos
Reply
zanyterp_
Respected Contributor
‎05-23-2011 09:01:PM
‎05-23-2011 09:01:PM

Re: Peer-to-Peer communication over NC/Pulse

Does your NC ACL allow for the NC network address(es) and any NAT that might be happening?

0 Kudos
Reply
RexPGP_
Frequent Contributor
‎05-25-2011 04:32:AM
‎05-25-2011 04:32:AM

Re: Peer-to-Peer communication over NC/Pulse

I did a VOIP at one time with no isssues. Bring up a separate VOIP then launch NC. Both tunnels work.

0 Kudos
Reply
dfex_
Occasional Contributor
‎05-26-2011 05:53:AM
‎05-26-2011 05:53:AM

Re: Peer-to-Peer communication over NC/Pulse

My NC ACL allows all traffic, and my Split-Tunneling Networks allow the Client's LAN, and the subnet used to allocate NC addresses to clients.

I don't want direct access between clients, I still want their traffic to be tunnelled, but I don't think this is supported some how (the SA doesn't seem to route between clients).

0 Kudos
Reply
zanyterp_
Respected Contributor
‎05-26-2011 06:44:AM
‎05-26-2011 06:44:AM

Re: Peer-to-Peer communication over NC/Pulse

You are correct, the SA won't route between the NC clients; they will need to go out through the network. What does a TCP dump on all 3 interfaces (both NC clients and then the internal port of the IVE) show?

0 Kudos
Reply
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.