cancel
Showing results for 
Search instead for 
Did you mean: 

Unauthenticated request url /api/v1/cav/client/policies and .../client/status log entries

New Contributor

Unauthenticated request url /api/v1/cav/client/policies and .../client/status log entries

I'm finding my notebook running Windows 10 with Pulse Secure Client 9.1.3 tries to access some REST APIs on my Pulse Connect Secure's internal interface but I haven't initiated any connection. The Pulse Secure client is just idle. It looks like cav.exe is responsible.

 

What is cav.exe trying to do?

 

Thanks!

4 REPLIES 4
Highlighted
Frequent Contributor

Re: Unauthenticated request url /api/v1/cav/client/policies and .../client/status log entries

I'm also see that behaviour last week analysing logs from an user.

Adding some more information: our external private IP is not publish no where else besides PCS configuration and in our LB. All our users only see/communicate with the public facing IP from LB for the PCS cluster.

Highlighted
Moderator

Re: Unauthenticated request url /api/v1/cav/client/policies and .../client/status log entries

it is attempting to retrieve CAV policies from the appliance for applying policies
it is a feature that is enabled by default pre-9.1R4
Highlighted
Frequent Contributor

Re: Unauthenticated request url /api/v1/cav/client/policies and .../client/status log entries

Hi,

 

What are CAV Policies?

 

Why they are fetched in an external IP which users do not have access?

 

Cheers,

Highlighted
Moderator

Re: Unauthenticated request url /api/v1/cav/client/policies and .../client/status log entries

cloud application visibility…it is part of the cloud secure license in which admin can check on cloud application access
i am not sure why it is trying to connect to the external port that is not available externally. i would recommend opening a case with our support team. in addition, if you are not using/expecting to use this feature, i would recommend upgrading to 9.1R4 on the appliance and client as that _should_ disable cav.exe (unless it is activated on the server)