Thank you for confirming. What version are you using? I did a quick check and my default is showing that field as the name ive If you are not currently in a cluster, can you create a cluster of one node? The `node name` should be what is shown in the syslog output. if you are not seeing that, i would recommend opening a case with ou support team ​   ... View more

SSO is required for HTML5 bookmarks I am not sure how you were seeing this work previously ... View more

the trusted server CA list is a combination of default certificates that are installed as well as any that are installed by you as the admin you can delete the certificates, yes users do not add certificates to this list and any that are marked as trusted are per-user and not shared. you can delete them as users will see a warning either way; i would recommend checking with our support team for more info and/or testing in your lab to see what happens does that answer what you are looking for? ... View more

can you expand further on what you are looking to get (e.g. is this from the appliance? endpoints?) ... View more

it copies it to a place it can run/execute from no, the copy cannot be configured; it will always copy from the location identified to that temporary location. does your SRP allow you to whitelist source files? does it allow wild cards for directories (e.g. c:\users\username appdata\local\temp\*)? ... View more

I'm not sure that can be done; what is the filter you created look like? do you have a hostname configured at system>network>overview? ... View more

1. Outside the way you are using it? no; that is the only way it can be used at this time 2. i am not sure if it can be avoided other than, possibly, trying to use SSO to see if that triggers it (but i am not familiar with the system to know if that is possible) i would recommend reaching out to your account team to work with them on an enhancement request through the product team ... View more

the issue is most likely that the admin has enabled the option to send all traffic through the tunnel. due to changes in windows, the connection is marked (erroneously) as down. can you confirm you have one of the warnings that indicate you do not have internet (even though everything is reachable)? if you have not already done so, please ask your IT team to open a case with our support team so we can work with them to implement other solutions/options that will allow connections without triggering this issue. ... View more

You can troubleshoot with wireshark to confirm that the response for the NCSI check is failing (meaning that the data is not being returned or the access is failing somewhere along the path) ... View more

In addition to the previous steps, what happens if you remove the proxy from the configuration? ... View more

  8.2 cannot be downloaded; however, you should still be able to see the 8.3 DTE version on the support site: Login to my.pulsesecure.net Click on “Licensing & Download Center” Click on “Downloads” Click on Pulse Secure Click on Pulse Connect Secure Click on Pulse Connect Secure Click on “End of Engineering Releases” Click on desired release Accept the Export Compliance Accept the EULA Click on the file ending in .zip for the desired virtual format ​   ... View more

I would recommend checking with your PCS/VPN admin for more information on what you need in order to complete successful authentication ... View more

I have been testing with the Catalina beta and Pulse is looking to be ready when Catalina is available in the next 6 - 8 weeks ... View more

  is this all connections? there are some things that will cause that message: the site is not allowed on the ACL proxy in the browser proxy on the network the server is not reachable ​   ... View more

what SSL/TLS version are you using? if the PCS is using a version that is disabled on the client (or browser), it will not work. does the same behavior occur without cert auth? do non-yubikey certificates show the same behavior? is the sign-in URL that you are using in the browser the same as you have configured on the appliance? ... View more

as others have mentioned, that is not something that can be done at this time. i would recommend reaching out to your account team to let them know this is something you think would be beneficial and they can work with the product team on an enhancement request ... View more

what is the context of wanting the legacy client for a legacy version? as @Ray mentioned, it is not available outside of the PCS gateway itself and needs to be provided by the administrator. if you have access to the Pulse client, that should function on the same role/realm (unless admin restrictions have been implemented that prevent the newer client from connecting) ... View more

@Ray, your guess is as good as mine (both on the impact and goal). because the system has been factory reset prior to the OVF being done, it should be the same as what is downloaded (only, potentially, on an upgraded version). @mbuster25: what are you expecting to happen when doing that vs using the OVF from the download site. if the goal is to have a new VM image up and running, yes, that should work just fine (as long as VMware allows doing that). in theory, though, yes, that should create a blank PCS on the version you are wanting to deploy (if that is the reason for doing it that way). i am not sure what will happen when it deploys (if it uses the property values from the original or if you can update them to the new data center details). ... View more

Hi @swathi, I would recommend contacting our support team for assistance ... View more

in addition to what @Ray said… when you initially launched the pulse client, do you remember if you saw a request to authorize the connection? if not, next time you reboot and attempt to connect to pulse, can you open System Preferences>Security and see if there is a request to authorize the application loading a kernel extension? ... View more

To jump on what @Ray was asking: are you clicking on anything to use RDP (for example an RDP client bookmark) on the web portal? if you are using the Pulse client or WSAM, it works through the magic of TDI; if you are using the Terminal Service client (RDP bookmark), it works through the magic of localhost :D without more information on which client you are using, we are only grasping at straws (reasonably strong straws; but straws nonetheless) ... View more

which version of Android OS are you using? there is an issue with pre-Android 9.0 in which the OS revokes the Pulse Secure client access (even after granting access) the configuration, in our testing, requires the certificate to be configured for the Pulse Secure client using the application configuration option in AirWatch ... View more

I can see the validity of that request; unfortunately, it does not exist at this time. i would recommend working with your account team to put in an enhancement request with the product team to investigate the options for adding this ... View more

Hi @Arne, Can you let me know what type of service is being provided to the Windows 10 users: VPN or NAC? From the description, it appears to be NAC (at least on-prem). Yes, that is correct that the Pulse Linux client does not support CAC auth. I believe that the PPS should be able to do native 802.1x authentication for Linux if the native supplicant supports CAC with 802.1x. if it is for VPN access, the lack of CAC support is still present. person-hours for maintenance: should be around 2 a year (for upgrades). person-hours for initial config? no easy way to guess; but i would forecast less than 50; but could be more (just because there are always details that pop up unexpectedly or do not work as expected) ... View more

to add to what @Ray said, are you wanting to do host checking validation for machines that are creating a VPN tunnel OR are you wanting to do host checking based on resource access over the VPN tunnel? ... View more

@Ray: No, setup client is not installed with Pulse Desktop. @CDriVe: The lack of setup client, as Ray mentioned, will not prevent the ability to connect. if you login through the web and then click on "start" do you see the same behavior (inability to start the session)? do you have a minimum client version configured & enforced? do you see the proper configuration information showing after installation completes? do you see the same behavior if everything is hosted locally (rather than remotely)? ... View more

@rigert i would recommend opening a case with our support team. can you confirm the following: the PCS you are connecting to has a certificate issued by a standard CA you are not using certificate authentication browser-based auth works when you login to the browser, you see an option to launch Pulse what happens when you launch Pulse from the browser? ... View more