Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
since ‎10-29-2017
‎10-29-2017
esper_
Occasional Contributor

Re: SA_Setting_Problem

by in Pulse Connect Secure
‎03-02-2013 04:21:AM
‎03-02-2013 04:21:AM
Sorry, can I ask one more question, Is it possible to set the NC Profile IPv4 Addresses range is different from the DMZ or Internal Subnet? Thanks. ... View more

Re: SA_Setting_Problem

by in Pulse Connect Secure
‎02-28-2013 12:46:AM
‎02-28-2013 12:46:AM
Thanks for your reply.   I only add 0.0.0.0/0 to GW192.168.0.254 in the SSG5. The Internal resource is in the 192.168.90.0/24.      In SA 2500 I add 192.168.90.0/24 192.168.0.253 "But no luck, after ssl vpn, only can ping 192.168.0.0 network only.   In SSG140 I add 192.168.30.0/24 192.168.0.200(SA Internal port) 192.168.90.0/24 192.168.0.253   Now the situation is after connect to SSL VPN, can ping to 192.168.0.0 nework but can not access to 192.168.0.0 network can can not ping and access 192.168.90.0 network.   ... View more

Re: SA_Setting_Problem

by in Pulse Connect Secure
‎02-26-2013 05:18:PM
‎02-26-2013 05:18:PM
Thanks for your reply.^^   I think so, but now I set the ACL in the below. SSG140 Untrust to DMZ Any to Any permit   DMZ to Untrust Any to Any permit       SSG5 Untrust to Trust Any to Any permit   Trust to Untrust Any to Any permit       SA2500 In [Resource Policies->Network connect-> Split-tunneling Networks], I set the Resources range is 192.168.30.0/24(VPN Pool), 192.168.0.0/24(DMZ) In [Resource Policies->Network connect-> ACL], Default is allow *:*, I add Allow icmp://*:* and tcp://*:*   Basicly I approve all the traffic, do something I miss? ... View more

Re: SA_Setting_Problem

by in Pulse Connect Secure
‎02-25-2013 01:03:AM
‎02-25-2013 01:03:AM
Dear JayLaiz Sorry for late reply. I do not in office these day. Today I do the tracert and get the result like below.     C:\Users\ >tracert 192.168.0.128   Tracing route to 192.168.0.128 over a maximum of 30 hops     1    36 ms    40 ms    39 ms  192.168.30.200   2    41 ms    41 ms    38 ms  192.168.0.128   Trace complete.     192.168.30.200 is the network connect server ip address(SA2500). THe 192.168.0.128 is the notebook, this notebook is open the rdp, telnet, etc service, I can access it in the 192.168.0.0 network but not from the ssl vpn, only can ping it though the ssl vpn. Do it the problem of ACL or the routing? (I allow allow traffic untrust to trust and trust to untrust.)   Thanks        ... View more

Re: SA_Setting_Problem

by in Pulse Connect Secure
‎02-19-2013 01:06:AM
‎02-19-2013 01:06:AM
@jayLaiz wrote: Hi,   What is the dafault gateway on the ssl VPN's internal port.   On that default gateway, add a static route with next hop as 192.168.30.0/24 pointing to the SSL VN internal interface IP and check.   Regards, Jay       Thanks for your reply, I follow your instructor, and now I can ping to the resource in DMZ, but can not access DMZ's resource, even I set untrust to DMZ allow all in SSG140, still can not do any access except ping. Would I set any other thing wrong? ... View more

Re: SA_Setting_Problem

by in Pulse Connect Secure
‎02-17-2013 11:06:PM
‎02-17-2013 11:06:PM
Dear Steve Thanks for your reply. If I can not access the local resource in DMZ, do it also the problem of routing? Thanks. ... View more

SA_Setting_Problem

by in Pulse Connect Secure
‎02-15-2013 09:14:PM
‎02-15-2013 09:14:PM
Good Morning. I have just bought a new SA 2500 for SSL VPN and a new SSG5 for sperate a DMZ. Network Diagram                                                                          --------SA2500(Interal Port)                                                                          | Internet-----(Untrucst)SSG140(DMZ)-----switch(DMZ)-----(Untrust)SSG5(Trust)-----switch(Internal)--------Internal Resource Detail SSG 140 DMZ interface  : 192.168.0.254 SA2500 Internal interface : 192.168.0.200 SSG5 Untrust interface  : 192.168.0.253 SSG5 Trust Interface  : 192.168.90.253     I try to set the SA 2500, I notice that I can connect the SSL VPN (network connect) outside, and I use the whatismyip to check the global IP, the result is the public IP of the location of SA 2500, but I can not access any internal resource in the DMZ and the internal resource. In SA2500, I do the setting with below step 1.create the user(User001) in the [auth servers>system local>Users], 2.create the roles(UserRoles01) in the [User roles], and enable the feature. 3.create the realms(HKPool)in the [User Realms], and set the auth server to use system local, role mapping UserRoles01 to * user. 4.create a new signing in page and map */HK_User/ -->New Page-->HKPool, and enable the multiple user sessions. 5.In [Resource Policies->Network connect->Network connect access control], I see there is default *:* all roles allow. 6.In [Resource Policies->Network connect->NC Connection Profiles], I set the 192.168.30.2-192.168.30.100 IP pool for all roles. 7.In [Resource Policies->Network connect-> Split-tunneling Networks], I set the Resources range is 192.168.30.0/24(VPN Pool), 192.168.0.0/24(DMZ), 192.168.90.0/24(Internal). 8.In [Netowork->Network Connect], I set the Network Connect Server IP Address is 192.168.30.200. After I set that, I can can access the sa2500 from outside but can not access the machine in DMZ and internal, Do I miss any setting?   ... View more
Latest Tags
No tags yet
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.