About r@yElr3y

r@yElr3y

@dday376 Ideally, we would be using "click here" in case if we don't like to wait and willing to give up the access (user role) which would be assigned after a successful host check. What happens if you the host checker to load the components, do you see any error message after some time?

r@yElr3y

@Jasdoc What is preventing you from connecting to VPN? Any error messages while attempting to connect?

r@yElr3y

@briancle1806 Please restart the Pulse Secure Service from the services manager. Open Run command >> services.msc >> Search for Pulse Secure Services >> Right click and restart.

r@yElr3y

Route precedence needs to be changed on the VPN server side not on the client side.

r@yElr3y

CVE-2019-11510 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11510 In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability. https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/?kA23Z000000KBro Pulse Connect Secure 9.0R3.4 & 9.0R4 & above is having fix for the reported vulnerability.

r@yElr3y

I believe the logic that you've mentioned is correct. I don't see any other way of calculating the Active users :) Maybe you can add "Idle timeout" and "maximum session length" events as well.

r@yElr3y

Oh yes, we can capture the login succeeded and logout/closed connection events using msg filter (msg='keyword') or event-ID filter, but it look like overhead to me (still achievable). We need to have additional logic built-in to ignore the session resumptions and identify multiple user sessions, if allowed.

r@yElr3y

@swathiadireddy Live user count update can be pulled using SNMP, Healthcheck & REST API query. Healthcheck - https://docs.pulsesecure.net/WebHelp/PCS/9.0R1/Content/PCS/PCS_AdminGuide_9.0/Configuring_Health_Check_Options.htm https://community.pulsesecure.net/t5/Pulse-Connect-Secure/API-call-to-get-all-active-users/td-p/42165 SNMP - https://docs.pulsesecure.net/WebHelp/Content/PCS/PCS_AdminGuide_8.2/Configuring%20SNMP.htm REST API - https://community.pulsesecure.net/t5/Pulse-Connect-Secure/Is-there-any-way-to-get-active-users-from-the-REST-API/td-p/41521

r@yElr3y

Active users count should cover the users who are connected to Pulse through web or client session. If you're looking for logs that shows the number of users connected, then please check the events logs and you should find "Number of concurrents users logged" updated every one-hour. Configure the splunk to differentiate the counts based on the VPN server node name and concat them to show the overall user count logged into the cluster.

r@yElr3y

@B.C Do you mean that the Pulse Client status does not change to Connected, even after providing the token?

r@yElr3y

Please open a support with us for investigating this further.

r@yElr3y

Seeing this issue surfacing alot lately, can you please provide the pulse client debuglogs for review. Send the logs to me as PM.

r@yElr3y

Mostly, all user roles feature can be configured using REST API. Getting started guide might be having some limited contents, you can use the XML export data to get the details about the PATH and type of data to send for configuring those features.

r@yElr3y

Do you have any DNS modifiers like OpenDNS crypt or Cisco Umbrella client running which would change the system DNS to loopback IP? Resolve address rule was configured based on the Physical Interface DNS, correct?

r@yElr3y

Thank you for sharing this info. Much Appreciated!

r@yElr3y

Upload the updated sdconf file. VPN server will read the RSA servers available from the conf file and we should be good.

r@yElr3y

VPN server is rejecting the connection based on the realm-level restrictions configured. Please contact your IT helpdesk/VPN admin for reviewing the VPN server logs.

r@yElr3y

Is the VPN connection stable when you mobile hotspot? seems like an issue might on the client side... Can you please DM me the Pulse Client logs for quick review?

r@yElr3y

That's weird. Please open a support a ticket with us. If possible, share the iOS client logs with me over PM.

r@yElr3y

Do you use WiFi or LAN connection? If it's WiFi, please try https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB43833/?kA1f1000000fz7V

r@yElr3y

Please share the Pulse Client debuglogs as PM.

r@yElr3y

Yes, you need to create a FQDN ST allow policy that includes are FQDNs used by Facebook. Sites which are not configured to allow, would go out using the user network.

r@yElr3y

Ignore the browse result, please try to access the fileshare through bookmark.

r@yElr3y

You got it. Correct component mapping would fix this issue.

r@yElr3y

https://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB43813/?kA1f1000000fz4e

r@yElr3y

You're correct. I've started to see the same behavior just by chrome upgrade.

r@yElr3y

Initial POST to the PTP hostname gets changed to GET after authentication and redirects? Can you please try using Authorization-only access method and see if it helps?

r@yElr3y

Please provide the error code.

r@yElr3y

Can you please provide the Pulse Client logs for review? send the logs to me as PM.

r@yElr3y

I've seen updates to ca-certs when I do apt update, maybe it update during the re-installation.

Re: Pulse Secure on Ubuntu 18.04LTS Hangs on Host ...

Re: iPadOS 14 beta

Re: Pulse Secure stuck on connect requested

Re: Linux PulseSecure blocks virbr0 route disablin...

Re: Actions taken against TLP:White Netwalker Rans...

Re: Active user count on Pulse Secure Connect

Re: Active user count on Pulse Secure Connect

Re: Active user count on Pulse Secure Connect

Re: Active user count on Pulse Secure Connect

Re: pulse secure not sending code

Re: HTTP request failed: 400

Re: Pulse Secure stops working after restart

Re: API Missing Features?

Re: unable to send DNS request, error 10049

Re: DHCP reservation without MAC address?

Re: Add RSA ACE Server SecurID Authentication

Re: Authentication Rejected By Server Error: 1308

Re: Pulse issues with Netgear Orbi

Re: Pulse Secure does not push DNS settings to IOS...

Re: I have the client 9.1.7 connects great but wit...

Re: Can’t get the client to work on MacOS Catalina...

Re: Confused by FDQN split tunneling

Re: file browsing resource profiles not connet

Re: Client 9.1.1(607) on server 9.1r7 - Connection...

Re: Pulse Client on iPhone X with Certificate Auth

Re: Pulse Secure application launcher in Chrome 84

Re: First access to a Pass-Through proxy change PO...

Re: macOS Catalina - Pulse Secure Connect - Help M...

Re: Unable to Restart Windows after disconnecting ...

Re: ssl certificate has expired