We have a number of users that use the Pulse Secure VPN client to connect to a 3rd party, which is configured in Full Tunnel mode. Everything works in a Tunnel 1.0 configuration, but we are making a move to Tunnel 2.0, where it fails to function. The connection is not established fully and both Pulse Secure and ZCC go into Connecting and Connected state.
Working Scenario (current)
- Tunnel Driver Type: Packet Filter Based
- On Trusted Network: Tunnel, Tunnel 1.0
- System Proxy: Never
- VPN Trusted Network: Same as On Trusted Network
- Off Trusted Network: Same as On Trusted Network
Non-Working Scenario (goal)
- Tunnel Driver Type: Packet Filter Based
- On Trusted Network: Tunnel, Tunnel 1.0
- System Proxy: Never
- VPN Trusted Network: Same as On Trusted Network
- Off Trusted Network: Tunnel 2.0
- Transport Settings: TLS
- System Proxy: FWD PAC
The VPN destination is in the App PAC, Fwd PAC, and VPN Gateway Bypass, and it still fails. Tried the following without success:
- added the DNS domain of the 3rd party to the DNS search suffix so it drops down to Tunnel 1.0 - fails
- added the DNS domain of the 3rd party to the DNS search suffix so it’s detected as VPN Trusted Network and set to None (disabled) - fails
- tried Tunnel with Local Proxy for VPN Trusted Network - fails
- tried DTLS transport - fails
It appears that when switching from Z-Tunnel 2.0 to 1.0, or disabling ZIA completely, it fails, and it only likes it when it remains on Z-Tunnel 1.0 throughout the connection.
Looking for suggestions.