- Pulse Secure Community
- :
- About rswinter_
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
since
10-29-2017
10-29-2017
rswinter_
Frequent Contributor
103
Posts
0
Kudos
2
Solutions
12-20-2010
08:02:AM
Unless I'm missing something, "AVG 2011" is version 10.x (not v11)
... View more
12-17-2010
10:05:AM
I just messed around with the browser string a little more and got it to work for me... I change it from the full browser string like I had before to: *(iPod; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us)* (I now have 4 different ones, with iPod, Iphone & OS 4_1 and OS 4_2_1) We don't have any iPad users at the moment, but I would assume they are something like: *(iPad; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us)* -S
... View more
12-17-2010
09:53:AM
I have the same issue. When I remove the Browser Check from the Realm, I can connect just fine, but enev when I cut/paste the Browser Agent string into the IVE restrictions, I still get "not allowed" 2010-12-17 09:49:51 - ive - [127.0.0.1] System()[] - Browser on host ##.##.##.## is not supported for Host Checker or Cache Cleaner: User agent JunosPulseiPhone Mozilla/5.0 (iPod; U; CPU iPhone OS 4_2_1 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Mobile/8C148. We're running 7.0R2
... View more
12-17-2010
09:37:AM
Hi All, One of my users just noticed that sounds are not making it out their RDP sessions when use the ProperRDP java applet. I poked around sourceforge as well as I could and it appeared that sound support was added at some point. It appears that I'm using the most recent version of the plug in, so I'm not quite sure what my problem is.... I've only got reports from mac users so far, but I don't think any of hte Windows users use the Java applet and not sure about the ubuntu users yet... They probably just haven't noticed. Anyone else having this issue? Thanks. -Stephen
... View more
12-15-2010
12:53:PM
This is what we've done to get by with one role for most people... We usa AD for our core auth, so we did everything in the user record. We allow people into the role by an AD user group. In everyone's AD record, we took the "pager" field and put in their workstation name. We then wrote a Terminal Services role that used : <USER>@<userAttr.pager>.domain.com for the shortcut. added the same string to the TerSvc acl's and we were golden. I just realized a couple days ago, that if you put multiple entries in to the "otherpager" field in AD, that the IVE creates a separate shortcut for each one, so in effect we can use this one role and one field to give everyone access to all the sessions they need without having to do anything in the IVE, just add to AD and we're done.. -S
... View more
12-03-2010
09:36:AM
Hi All, Has anyone had any experience with this App and Host Checker? We're running esap 1.6.6 and it's not being recognized. When the end user looks at the version number, all it reports back is Scan Engine version 5400.xxxx. There's nothing that follows the nomal McAfee Antivirus version scheme. Thanks. -S
... View more
11-18-2010
11:28:AM
I put browser checks on my Pulse Realm so that only mobile devices can login... (or people who screw around with their browser ID string) Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8B117 Safari/6531.22.7. Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Mobile/8B117 Mozilla/5.0 (iPod; U; CPU iPhone OS 4_1 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Mobile/8B117 JunosPulseAndroidMozilla/5.0 (Linux; U; Android 2.2; en-us; DROIDX Build/VZW) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
... View more
11-10-2010
11:49:AM
Hi, I've got a user who uses SSH through the WSAM so he can use Putty (and another app) instead of the built-in SSH client. He's reporting that he gets disconnected about 60 seconds of idle time. He doesn't need to restart WSAM or re-logiin to the SA, he just has to restart the putty session. I couldn't find any timeout settings in the WSAM, so I was curions if anyone can point me to where it should be looking? It doesn't happen when not going through the SA, so it's something to do with that interraction... Thanks. -S
... View more
10-30-2010
04:35:PM
Without L3 support on the Pulse Cleint, what does it really give Android users? I've never tried one, but can't you get the normal web-portal things with a generic browser anyway?
... View more
10-29-2010
07:25:AM
Hmm.. Is there a difference between the iPhone and iPodTouch versions? I only have an iPodTouch, and I do not have the option for the Pulse client to save any information besides the URL. Are there two versions out there? Since we have a Cisco ASA/VPN server, we probably won't use the Juniper for iOS users, but we will for Android until they get a Cisco compatable client out...
... View more
10-26-2010
07:40:AM
Hopefully that means it's about to be released. The article was just published yesterday... My SE told me that Juniper is ready to go with the Android client, just waiting on Google...
... View more
10-25-2010
02:44:PM
Ok.. Thanks. The WYSE boxes we have are Citrix specific, not a real OS... We have tested with Embedded and WinCE and both worked Ok for RDP...
... View more
10-25-2010
02:23:PM
I'm wondering how to do it... I haven't seen the WYSE terminal yet, but from what I was told, they need to connect directly to the Xen controller, not the SA... Do you just use a reverse proxy setup of some sort?
... View more
10-19-2010
08:19:AM
Hi All, I've got a XenDesktop (Virtual Desktop) profile running for home users using their home PC and it seems to be working just fine. we are looking at deploying some of the ThinClient Wyse terminal for internal users and I was wondering if there was a way to use them for Remote Users as well? The Citrix consultant says I need to have the Citrix Gateway instead of the SSL-VPN to get them in, but I don't want to manage another device for remote access.... anyway to get the WYSE connected to our SA4000? Thanks. -Stephen
... View more
10-15-2010
10:01:AM
I do have our domain set in the domain field. (it was required) I'll try setting it in the username as well... EDIT: Didn't help. Wouldn't login to the XenDesktop Manager with that setting..
... View more
10-15-2010
08:30:AM
Hi All, I've setup a Xendesktop Virtual Desktop Profile on my SA2500, v6.5r3.1 system. I get the Xendesktop Menu just fine on the IVE, I can click on the link to my desktop and it starts up the citrix client, then it flashes up my desktop login screen for just a second and then closes the session. All I see in the logs is "Closed Connection to xxxx after 2 seconds". No reason why or errors. Tried to do a policy trace, but it didn't list anything (doesn't have Virtual Desktop as a choice at all) Any chance it's our "Lawyer Message" that's getting in the way? We have the stadard "you are about to access...blah blah " when you press CTRL-ALT-DEL that you have to "OK" before you get the login prompt. I would expect that to be fairly common, so would be supported Suggestions? Thanks. -Stephen
... View more
09-20-2010
07:24:AM
Ok.. Got bad info the first run through. It's actually the Keyboard Mapping on the windows desktop that they RDP into. The next time they login onsite (After the SSL-VPN session is terminated), the keys are all scrambled on the Windows desktop. They have to reboot to return it to normal... As a work-around we've told everyone they should always restart thier machne on logging off.. Thanks. -S
... View more
09-14-2010
01:16:PM
Hi All, I am looking for a way to use DNS names and variables in NetConnect Access Control policies. I keep getting an error when I put in anything other than a IP address. I'd like to use an AD attribute like I do for the terminal Services Access Control, so I can write one role that allow all my iPhone/iPad/iTouch users access to only the IP workstation that's identified in an ActiveDirectory field. suggestions?
... View more
09-10-2010
08:16:AM
Hi All, I have had two (out of 15) Mac OS users report that after logging off the SSL-VPN (and ProperJavaRDP) that the keyboard mappings have changed and they have to go back and reset them... Has anyone ever seen this before? I'm not a Mac guy, so I really don't know wherer to start.. Thanks. -Stephen
... View more
09-07-2010
10:45:AM
Can anyone tell me why my posts alwayd get all run together with out the line feeds they have when I type them?
... View more
09-07-2010
10:44:AM
Here are a couple way-out ideas that may work... (Can't really test them myself either...) #1: If your DNS doesn't swtich betwwen the two very often, can you setup a second DNS name that follows the same datacenter as your IVE's DNS name. Then on the IVE login page, you can imbed a like to a JPG sitting on the web server in the same data center. (ive-whereami.mydomain.com/myive.jpg) #2: If you have an internal load balalncer (like an F5-BigIP), you could imbed a link in the Personalized Greeting Notification that points to a VIP. The BigIP could then look at the source ip address (internal IP of IVE) and redirects to a jpg that shows the name of the IVE... #3 Move from a Cluster to a Push enviroment and then you may get the name of the local IVE in the field. -S
... View more
08-04-2010
12:00:PM
We have tried to just test MS ForeFront and was told by support they didn't know when the current version would be listed in the ESAP and to contact our Sales team and let them know we want to have it...
... View more
07-27-2010
12:27:PM
While I have never tried this, you could create two realms with the different passowrd scenarios and in the "Authentication Policy/ISouce IP" , enter in your internal IP address space and only allow users who are in the address space access to the "AD" realm, and deny users in this address space access to the "RSA" realm. You can then put both relams in the "sign-in" policy and the end users should get the one they are supposed allowed by what their IP address is... There may be other ways of doing it, but this is what comes to mind for me... We've done the same thing for "roles", but I don't see why it wouldn't work for "realms" as well.. -Stephen
... View more
07-23-2010
07:47:AM
We initially tested some basic failover functionality (web bookmarks) and IIRC it worked just fine. For the first couple years we ran in a Failover mode and the seconday box never got used. As the user count got higher, we went to a Round Robin mode so both boxes share the load. If you are doing NetConnect, it will not failover properly since you will need to define two differnt DHCP ranges, one for each server. I would assume anything else that is a constant connection (RDP/CItrix/ probalby anything SAM based) would probably drop and require the end user to recconnect. Shouldn't log them out of the SSL-VPN, just potentially the application. We do have the servers on different LAN segments, so they have no direct connection between them. They have 500miles, an OC3 and 4 routers between them on the LAN side. Different ISPs on the WAN side. -Stephen
... View more
07-23-2010
07:02:AM
We are running a MultiSite cluster with two SA4000's. It works great. I belive you must configure them as Active/Active, but we have had no problems. The replication across the WAN (15ms) has not bee a problem. you will need to use some sort of Dynamic DNS system to load balance/failover. (We used F5 3DNS in the past and now out-source) I often see myself connected to one box for my RDP session, but host checker reports back to the other box. -Stephen
... View more
07-02-2010
01:16:PM
I believe if you are requiring the Host Checker Policy to pass, you will need to check for something in the Linux Tab. We ran into this with our Mac clients. If nothing is there, they wull automatically fail the host checker.
... View more
06-29-2010
07:12:AM
Could you create a start script that would run after login that pointed the users at a webpage on some intranet server somewhere?
... View more
06-21-2010
10:15:AM
Hi All, I had an end user who is running FreeBSD and the SA is telling him it's not a"supported" OS. Has anyone seen this before? My guess is that it's just different enough that the SA can tell it's not Linux.... Suggestions? Thanks.
... View more
06-18-2010
08:15:AM
Does anyone know the "dat" file neanes for any of these? We also check to make sure the date file is up2date. For clamAv, we look at this file... /usr/local/clamXav/share/clamav/daily.cvd Thanks. -S
... View more
- « Previous
- Next »
Latest Tags
No tags yet
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy.
Pulse Secure has updated its Privacy Policy effective June 28, 2017.
