I'm currently troubleshooting an application failure when connected to the Pulse client. I can't seem to find the right mechanism to see a log of traffic that is denied across the tunnel. On an ASA I can review a live log and troubleshoot connections and see what's failing against an ACL.
Does that capability exist on Pulse? I've tried Session tracing with VPN tunneling, looked through the various user and client logs and can't seem to find anything.
No, PCS does not have that functionality... there is no logging if a connection is accepted or denied.
That's really surprising. Thank you though.
@flipPipe is right. We have to use TCP Dump (using host filter for the client's source IP) to see if the desired traffic is leaving the VPN server or not.
If the traffic is visible, then the packets are not blocked by the VPN server. If not, then it is being blocked.
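The check described in the last reply, as an added example that is not part of the thread: a Python script that reads the text output of a `tcpdump -nn` capture filtered on the client's IP and reports, for each destination the application needs, whether the client's packets were seen leaving the VPN server. It goes one step beyond the reply by also noting whether any reply came back. The addresses, ports, and the names `classify` and `SAMPLE` are assumptions made for illustration, and the capture lines are constructed.

```python
import re

# Matches IPv4 TCP/UDP lines from `tcpdump -nn` text output, for example:
# 12:00:01.000001 IP 10.20.0.5.51514 > 192.168.1.20.443: Flags [S], ...
LINE = re.compile(
    r"^\S+ IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): ")

def classify(capture_text, client_ip, expected):
    """Return {(dst_ip, dst_port): verdict} for each expected destination.

    'not seen'              nothing from the client left the VPN server for it
    'forwarded, no reply'   the VPN server passed it on, nothing came back
    'forwarded, reply seen' traffic passed in both directions
    """
    sent, replied = set(), set()
    for line in capture_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # ICMP, ARP and other lines without ports are skipped
        src, sport, dst, dport = m.group(1), int(m.group(2)), m.group(3), int(m.group(4))
        if src == client_ip:
            sent.add((dst, dport))
        elif dst == client_ip:
            replied.add((src, sport))
    verdicts = {}
    for target in expected:
        if target not in sent:
            verdicts[target] = "not seen"
        elif target in replied:
            verdicts[target] = "forwarded, no reply" if False else "forwarded, reply seen"
        else:
            verdicts[target] = "forwarded, no reply"
    return verdicts

# Constructed sample: capture taken with a host filter for client 10.20.0.5
SAMPLE = """\
12:00:01.000001 IP 10.20.0.5.51514 > 192.168.1.20.443: Flags [S], seq 100, win 64240, length 0
12:00:01.000410 IP 192.168.1.20.443 > 10.20.0.5.51514: Flags [S.], seq 900, ack 101, win 65160, length 0
12:00:02.100000 IP 10.20.0.5.51520 > 192.168.1.30.1433: Flags [S], seq 200, win 64240, length 0
12:00:03.100000 IP 10.20.0.5.51520 > 192.168.1.30.1433: Flags [S], seq 200, win 64240, length 0
"""

if __name__ == "__main__":
    wanted = [("192.168.1.20", 443), ("192.168.1.30", 1433), ("192.168.1.40", 8080)]
    for (ip, port), verdict in classify(SAMPLE, "10.20.0.5", wanted).items():
        print(f"{ip}:{port:<5} {verdict}")
```

A "not seen" verdict corresponds to the blocked case in the reply above; "forwarded, no reply" points away from the VPN server and toward the destination host or a device further along the path.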