I have a Debian 4.19.171-2 with Pulse VPN Client (R9.10) installed.
When the access to VPN URL is done from FIrefox, I can see in wireshark traces that at least the handshake to VPN server with the specific cipher (AES256-SHA / TLS_RSA_WITH_AES_256_CBC_SHA) completed, while the Pulse Client aborts the handshake immediately after receiving this cipher name. I am not sure but it looks like the latest Pulse Client (R9.1.10) just rejects the handshake with this old cipher. Am I right? What can I do if the VPN Server side may not be upgraded - they are using some old applience according to their needs. Can I try to install the older Pulse package? But I need it not too old because I need the certificate Authentication method (the release should be later than 5.3R1).