I have looked for this particular point and could not find anything here or in the Knowledge Base. We have the requirement to have an active, up-to-date antivirus also on Mac OS to enter our VPN.
For now we can only use the version 9.1.8 (3143) version and the issue is it does not detect the running antivirus, whereas this was working while using OSX10.15 Catalina before.
I am using Sophos Home 10.0.1a1 as Antivirus.
Is the problem known? Any fix in sight?
Thanks in advance, Matt
@Rmatt What is the error message sent to the client when connecting to VPN?
Hi r@yElr3y ! Thanks for answering! The message I get is the following
"Your computer does not meet the security requirements [...]" -> The antivirus can't be found or is not identified as active/updated. (They expect an antivirus for Mac too)
In the meanwhile the admins acknowledged the issue. They first thought the Antivirus version was not supported (the same that was working before with OSX 10.15), but they could not fix from that side.
Last week I opened a ticket to ask to have a newer version of Pulse Secure (9.1R8 currently), but I have no news from that side, not sure it will fix the problem :-(
If you know any other way for me to test a more recent client, I would be glad to do so!
@Rmatt We would need to look into Pulse Client debuglogs for identifying the root cause. There are issues with macOS 11.1 version - https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44663/?kA13Z000000fzSK
macOS 11.0 has the following open issues -- HC related to OS checks --- https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB44592/?kA13Z000000fzMW
Thanks r@yElr3y !
I have in the meanwhile upgraded to 11.1 and it didn't change. I think the issue listed in the 11.1 thread was actually happening the same way on 11.0.
I can send you my debug logs (although I didn't find something interesting regarding host check inside) , but as written in the pin post, I would prefer to send it to you via private message, but I couldn't find a way to do so.
@Rmatt macOS Big Sur 11.1 will fail to pass hostchecker regardless of the rule type which is being evaluated, hence please request your VPN administrator not to enforce HC policies for macOS systems.