cancel
Showing results for 
Search instead for 
Did you mean: 

Pulse Secure Client v9.1.8

Highlighted
New Contributor

Pulse Secure Client v9.1.8

Hi there,

I am using a pulse secure client 9.1.8, previously also using versions 9.1.4 to 9.1.7.
There is a strange behavior in Pulse Secure lately which is the status connected and if I ping the ip server, it replies. But when I remote to the server using a remote desktop connection or access to the database server using database client tools or doing any activity related to the resources in VPN, everything becomes inaccessible. Ping results in a request time out even though the secure pulse status is still connected.

 

Help me to figure out what's when wrong. It's happen since three days ago.

4 REPLIES 4
Highlighted
Moderator

Re: Pulse Secure Client v9.1.8

Thank you for the question.

 

This type of question is probably better answered via our support team.  We will need client and server logs from your endpoint and PCS appliance.  

 

Please open a case with us and we can get to the bottom of what the issue is.

 

Thank you.

 

Craig Brauckmiller

Global Escalation Manager

Pulse Secure

Highlighted
New Contributor

Re: Pulse Secure Client v9.1.8

I've got this message on log 

VPN tunnel transport for connection mob2 (ID 37b8b17ffa924c44a4e2122832846498) switched from ESP to SSL mode due to missing ESP heartbeats

Highlighted
Moderator

Re: Pulse Secure Client v9.1.8

This message is an indication that the UDP packets between your endpoint that the PCS appliance are getting dropped.  We will fall back to SSL (TCP 443) to try and recover.  This type of drop is common on cellular networks when roaming between towers as well as basic ISP problems.  

 

To properly troubleshoot this, you'd need a packet capture from the endpoint on the physical interface as wel as a capture on the public facing interface of the PCS appliance.  You'll need to match up the ESP packets by using the sequence number and see if there are large gaps in the sequence numbers. You should check to see if the endpoint is sending them and if the PCS is receiving them.  

 

Make sense?

 

Thanks

 

Craig Brauckmiller

Escalation Manager

Pulse Secure

Highlighted
Moderator

Re: Pulse Secure Client v9.1.8

@jgun98 

# When you do a traceroute to the remote resource IP address, do you see the first hop as 10.200.200.200?

# Are you using WiFi or LAN? if using WiFi, whats the driver model?

PCS Expert
Pulse Connect Secure Certified Expert