Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Isolating traffic handled by Ivanti Secure Access Client on MacOS

SOLVED
Go to solution
tom
New Contributor
‎11-16-2022 02:02:AM
‎11-16-2022 02:02:AM

Isolating traffic handled by Ivanti Secure Access Client on MacOS

I recently installed Ivanti Secure Access Client on MacOS 13.0 in order to access some company-private locations.

 

Works like a charm in order to reach those locations, but of course it heavily messes up pretty much every other functionality (web navigation, any other client that needs to connect anywhere).

 

I'm looking for a way to only send certain traffic through Ivanti Secure Access Client and leave the rest unaffected. Could you suggest anything like that?

 

Thanks.

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
zanyterp
Moderator
Moderator
‎11-16-2022 09:18:AM
‎11-16-2022 09:18:AM

Re: Isolating traffic handled by Ivanti Secure Access Client on MacOS

that is a feature controlled by the admin
it is possible to split the traffic, yes, so only corporate traffic goes out the tunnel and the rest use your local nic

View solution in original post

5 REPLIES 5
tom
New Contributor
‎11-16-2022 06:58:AM
‎11-16-2022 06:58:AM

Re: Isolating traffic handled by Ivanti Secure Access Client on MacOS

Adding on my initial explanation: I know I could achieve what I need by installing the Ivanti client on e.g. an Ubuntu VM, and then using the VM as a JumpProxy; but since I'm using a MacBook running on an Apple M1 chip (i.e. underlying arm64 architecture) I actually can't install the Ivanti client on Ubuntu, since the only Ubuntu/Debian installer available is meant for amd64 architectures.

0 Kudos
zanyterp
Moderator
Moderator
‎11-16-2022 09:18:AM
‎11-16-2022 09:18:AM

Re: Isolating traffic handled by Ivanti Secure Access Client on MacOS

that is a feature controlled by the admin
it is possible to split the traffic, yes, so only corporate traffic goes out the tunnel and the rest use your local nic
tom
New Contributor
‎11-17-2022 01:13:AM
‎11-17-2022 01:13:AM

Re: Isolating traffic handled by Ivanti Secure Access Client on MacOS

So if I understand correctly the client "decides" what traffic should be routed through the tunnel based on server-side configurations, and this is the built-in feature that Pulse offers in order to meet this requirement.

 

Without this server-side configuration (I'm currently not in a position to request specific configurations to the admin) do you believe any other way would work? I was thinking of something along the lines of defining a secondary private network interface and somehow bind Pulse to that interface; then edit my local route tables so that only certain adresses are resolved through that secondary interface. No idea about how to "somehow bind Pulse to" a specific interface though.

 

Thank you for your time anyway.

0 Kudos
tom
New Contributor
‎11-17-2022 05:33:AM
‎11-17-2022 05:33:AM

Re: Isolating traffic handled by Ivanti Secure Access Client on MacOS

As an alternative, I'm trying to go down a different path

 

Nevermind, that didn't make sense but I couldn't find a way to actually remove it.

0 Kudos
zanyterp
Moderator
Moderator
‎11-17-2022 11:29:AM
‎11-17-2022 11:29:AM

Re: Isolating traffic handled by Ivanti Secure Access Client on MacOS

yes, you got it, @tom
i am not aware of a way to bind/limit traffic to a specific adapter. i apologize Smiley Sad
0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.