I'm running an active/passive 6500 cluster on 8.0R8.1 and Pulse 5.0. Users are sporadically getting 1319 error (authentication rejected by server).
I had a different cluster running 8.0R3.1 that experienced the issue and upgrading to 8.0R8.1 resolved the issue.
All 3 of my clusters are running 8.0R8.1 and only one of them is having the issue. All have the same host checker policies.
The only KB i've found references an old 7.2 SA code and 2.1 Pulse client.
Any help would be greatly appreciated.
Can you see what the log on the authentication server itself has for the rejected sessions?
My colleagues that own the authentication server haven't found anything of note on their side. On the client side Pulse takes the credentials and starts going through the compliance check. It will fail after that and in the user access logs we see "needhostchecker". The same user could try a second time and get right in or maybe try 5 times before getting in. We have a handful of users that can't get in no matter how many times they try.
Does the client have the Juniper installer service on them?
for full client checks this helps the services have admin rights on the computer.
Or if this is using the java host checker perhaps the Java version may have issues.