Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
since ‎10-25-2016
‎10-29-2017
kconroy
Not applicable

pulsesvc on 64bit Fedora24 (v82-5#120)

by in Pulse Connect Secure
‎10-25-2016 04:44:PM
‎10-25-2016 04:44:PM
I'm trying to get Linux VPN working on our Fedora 64bit boxes. I'm a linux sysadmin, not the VPN admin - so this is very much a user-type question. Our VPN admin has created a Linux Users Realm for us, so all I have to do is get it to work. I've managed to get some semblance of operation by installing a ton of 32 bit libs and copying libpulseui.so to /usr/libs. This means I can fire up the pulseui client and attempt a connection. It just hangs as the host-checker, continually refreshing and getting nowhere. I have a similar experience using Firefox going to our vpn URL. So now I try the pulsesvc CLI. (Typical Linux user, always feel more comfortable with CLI) pulsesvc -L 5 -h vpnemea.MYCO.com -u MYNAME -r External Linux Users Realm -U https://vpnemea.MYCO.com This fails really quickly, with the logs indicating the following errors (see below). So - in your experience, could this be down to the inability to set up the juniper resolve.conf, or the cert failings on our VPN portal, or.... something else? Like, try a different linux or somesuch Kind regards -KC ---->> ERROR LOGS --->>> sysdeps.error rename /etc/jnpr-nc-resolv.conf => /etc/resolv.conf failed wirh error 2 (sysdeps.cpp:978) sysdeps.error rename /etc/jnpr-nc-hosts.bak => /etc/hosts failed wirh error 2 (sysdeps.cpp:982) which is par for the course as far as google searches turn up. Next errors are a pile of certificate errors, probably due to our companies ropey understanding of CA's and certs. dsclient.para DSClient::authenticate(): user:MYNAME, password:..., cert:81a4ac1, realm:External Linux Users Realm (dsclient.cpp:306) DSInet.info IVE host vpnemea.MYCO.com resolved to 88.88.77.222, port 443 (dsinet.cpp:329) dsssl.warn ssl_init : Failed to load CA certificates (DSSSLSock.cpp:1515) http_connection.para Starting a timed connect with SSL session 0x99e6448, proxy (null):0, and timeout 30 (http_connection.cpp:236) http_connection.para Entering state_start_connection (http_connection.cpp:351) http_connection.para Remote Address: ip=80.77.70.252, port=443, familiy=2 (http_connection.cpp:799) http_connection.para Remote Server=vpnemea.MYCO.com (http_connection.cpp:801) http_connection.para Local Address: ip=0.0.0.0, port=0, familiy=2 (http_connection.cpp:806) http_connection.para Proxy Address: ip=(null), port=0, familiy=0 (http_connection.cpp:811) http_connection.para Entering state_continue_connection (http_connection.cpp:368) http_connection.para Entering state_ssl_connect (http_connection.cpp:538) dsssl.error verify_server_cert_callback : Certificate Verification Failed : error:unable to get local issuer certificate depth:0 errorno:20 (DSSSLSock.cpp:1588) dsssl.info log_cert_info : Subject : C = US, ST = SOMESTATE, L = SOMEAREA, O = "MYCO, Inc.", CN = *.MYCO.com (DSSSLSock.cpp:1555) dsssl.error SSL_connect failed. Error 1 (DSSSLSock.cpp:1834) http_connection.para Returning DSHTTP_ERROR from state_ssl_connect (http_connection.cpp:553) http_connection.para do_connect error: state 5, err 5 (http_connection.cpp:341) DSInet.error failed to connect to (vpnemea.MYCO.com) error 1 (dsinet.cpp:412) dsclient.error unable to open URL: (https://vpnemea.MYCO.com) with error -7 (dsclient.cpp:321) ncapp.error Failed to authenticate with IVE. Error 2 (pulsesvc.cpp:281) dsncuiapi.para DsNcUiApi::~DsNcUiApi (dsncuiapi.cpp:83) ... View more
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.