Once the VPN tunnel established normally (all is fine in event logs) with Junos Pulse 3.0 on Windows,
we have no IP connectivity during the first ~60 sec. After these 60 sec, the IP connectivity is recovered.
No IP connectivity issue has been identified with Pulse Client for MacOS or even with the Apps for iOS.
Is it a known issue with Junos Pulse 3.0 or SA 7.2R2.0?
What could be the root cause?
Thank you in advance for your advice
I hope you could have been using client proxy to reach SA or ESP channel is blocked between SA and Pulse client. In this case, Pulse launches VPN tunnel in ESP mode (default setting in SA VPN profile) and ~60sec later it detects blocking of ESP channel and falls back to SSL and continous from there. Till the fall back time, there won't be any connectivity.
We are targetting to get this fixed in upcoming release. I'll update this thread with more details. Till that workaround would be
- SA UI > Users > Resource Policies > VPN Tunneling > Connection profiles
- Select the profile > Under connection setting
- Change the transport mode from ESP (default) to SSL
Hope this helps..!
Thank you for this feedback, that makes sense. I'll apply the workaround.
What release will correct it ? Do you already know?
Keep me updated please
Sure, I'll update you.
Please refer the KB 25731 talking about the same behavior.
This is fixed in upcoming Pulse 3.0R5 and its scheduled to release in second week of October-2012.
Just wanted to chime in on this and say thank you for this fix. We actually were having a problem where the ESP to SSL failover would result in no connectivity. Now that I've changed it to straight up SSL Pulse is working great again. I'll have to get our MAG updated here soon to resolve this going forward.